CFR Presents

Net Politics

CFR experts investigate the impact of information and communication technologies on security, privacy, and international affairs.

Print Print Cite Cite
Style: MLA APA Chicago Close


The Galactic Empire Has Terrible Cybersecurity

by Guest Blogger
November 17, 2015

Cyber Net Politics CFR Five hundred Stormtrooper replicas are seen on the steps at the Juyongguan section of the Great Wall of China during a promotional event for "Star Wars: The Force Awakens" film, on the outskirts of Beijing, China, October 20, 2015. (Jason Lee/Reuters).


Alex Grigsby is the assistant director for the Digital and Cyberspace Policy program at the Council on Foreign Relations. 

The new Star Wars movie, The Force Awakens, comes out in about a month. As with most people, I can’t wait for the new movie. I’ve been re-watching the old ones–except for The Phantom Menace, it’s terrible–and getting hyped for the new release.

In re-watching the old movies, I’ve been struck by just how bad the Empire was at cybersecurity. It’s not surprising given that the Empire, despite its resources and power, had some pretty glaring security gaps. I mean, who builds the most complex and destructive weapon in the galaxy and equips it with a single point of failure in the form of an exhaust port? Its cybersecurity gaps don’t fare that much better. In fact, three critical cybersecurity improvements would have made it much more difficult–if not impossible–for the Rebel Alliance to defeat it in Return of the Jedi.

1. Limiting access controls. This is probably the Empire’s biggest vulnerability. Based on what we know from R2-D2 plugging himself into every foreign computer imaginable, the Empire didn’t employ basic access controls. Anyone plugging into an Empire-controlled network could find out anything they wanted to know. That’s how R2-D2 was able to find out where Princess Leia and the tractor beam controls were in Episode 4 (Star Wars/A New Hope). It’s also how R2-D2 was able to find out from the Cloud City network–presumably that was under the control of the Empire given Lando’s terrible deal making–that the hyperdrive on the Millennium Falcon was deactivated at the end of Episode 5 (The Empire Strikes Back). Good access controls allow people to only have access to computer functions that are necessary for them to do their jobs and should prevent anyone that connects to a network from accessing the whole thing. That’s why in most companies, you have to ask your IT department to install new software. When hackers infiltrate a network, generally their first priority is to find ways to gain more network privileges. Had the Empire even implemented basic access controls, there’s little chance that R2-D2 would have been able access everything he did.

2. Two-factor authentication. The lack of two factor authentication is also a huge problem for the Empire. Two factor authentication essentially requires someone to use two credentials to access a system or device, like a password and security token, instead of a simple password. Had the Empire actually deployed two factor authentication throughout the Death Star, it would have been impossible for Ben Kenobi to deactivate the tractor beam in Episode 4. You could make the case that some form of Jedi mediation or mind trick could have gotten him over this obstacle by correctly guessing the two forms of authentication he needed, but in the Star Wars canon, those techniques don’t work on non-organic creatures like computers or droids. In the same movie, R2-D2 also would have had a much harder time shutting down the garbage compactor on the detention level, possibly not giving him enough time so save Han, Leia, Chewie and Luke.

3. Encrypting sensitive data. The Empire has a patchy record with encryption. In Episode 5, they actually seem to use it. When the Rebels discover an unknown transmission on Hoth early in the movie, they can’t decipher its contents. C-3PO, whose primary function is translation and protocol, admits to the Rebel radio operator that it could be an imperial code but doesn’t provide any more information, leading us to believe that the message is encrypted. If only the Empire had used encryption with all of their sensitive data, like the blueprints for the Death Star. It’s also pretty appalling that they didn’t encrypt the fact that they had deactivated the hyperdrive on the Falcon in Episode 5. Even with sloppy access permissions, encrypting that fact meant it would have taken longer for R2-D2, Chewie and Lando to figure out what was wrong with the Falcon as they escaped Cloud City. That extra time would probably have given Admiral Piett more time to activate the Executor’s tractor beam and recapture them.

It’s probably impossible to argue that the Empire’s poor cybersecurity practices led to its downfall. After all, the Star Wars universe is science fiction and there are probably ways the Rebels could have gotten around the security measures had they been in place. No security control is ever perfect.

Here’s hoping that Kylo Ren and the First Order step up their game in The Force Awakens.

Post a Comment 11 Comments

  • Posted by Jon

    I highly recommend Adam Shostack’s 2014-ish “Threat Modeling Lessons From Star Wars” speech/podcast (links at his site; for even more cyber-star-wars-geekery.

  • Posted by Alex Kreilein

    This article is tremendously funny and incredibly accurate. Let us not also forget about the lack of redundancy, failover back-up, and wireless security demonstrated with the droid army in the first three episodes. Moreover, the fact that R2-D2 can simply plug into any foreign computer terminal and gain root access concerns me on any number of levels. OPM would do well to watch these movies as a cautionary tale on physical axis control and a host of other issues.

  • Posted by Michael Grosser

    I agree with all your points except “shutting down the garbage compactor”. You certainly wouldn’t want to employ two factor authentication on a system that should have an emergency stop for safety reasons. It’s would be like employing authentication controls for fire pull stations.

  • Posted by A different Jon

    Amusing and informative.

    However, why do you assume the Empire designed-in the thermal exhaust port vulnerability? Did Microsoft “equip” Internet Explorer with features for hackers own the application and thus the PC? Beyond being a plot device, this is how the real world works. Adversaries–whether hackers or Rebels–do: they examine designs and figure out how to break them. No designers/engineers are perfect; nor are their products. I note also that the Empire didn’t make the same mistake twice. Death Star v2 required the Rebels to find and exploit a different vulnerability.

    The “hubris” of not needing to secure data from internal connection (R2D2, hyperdrive) is far from unique to the Empire, There aren’t supposed to be Rebels INSIDE the Death Star, so when you’re prioritizing you IT security investment, maybe this gets a pass. It seems much more reasonable than, say, not encrypting the entire collection of security investigations for intelligence, military, civil service, and contract personnel.

    PS: thanks Jon for the link

  • Posted by Adam Shostack

    Thanks first Jon!

    My favorite version of my star wars threat modeling talk is

    Readers might also enjoy “The Security Principles of Saltzer and Schroeder illustrated with scenes from Star Wars”

  • Posted by Steve

    The exhaust port was nothing more than incompetent engineering. There should have been obstructions to protect the reactor against objects falling in, especially since the whole purpose of the ship was to blast things apart.

    The Empire used the plans for the Death Star in ep 4 to bait the rebels. It was a calculated risk that should have worked.

  • Posted by Rob Geiger

    The exhaust port is nothing more than incompetent engineering?

    The engineer who built it would argue otherwise:

  • Posted by Adam

    Hi Rob,

    Thanks for sharing that! I hadn’t seen it, and it inspired another post, over at my Emergent Chaos blog.

  • Posted by pat b

    When you put a sith lord in charge of program management,
    what do you expect?

    This was a project that needed a naval architect or systems engineer as PM.

  • Posted by Justine

    This was fantastic! Your post was the inspiration for an infographic I just made titled- Is Your Network Using the Force-
    Let me know what you think!

  • Posted by Tanner

    Great article! I found this after watching Rogue One and wondering why the Empire has such terrible security in general. The specific scene was when Jyn and Cassian fly a stolen shuttle onto Scarif… A shuttle stolen from an Imperial base hours before. How did the Empire not have systems in place to invalidate any security codes for stolen sensitive items?! Especially ones stolen from locations recently attacked by Rebels!

    In response to some of the other commenters, obviously we now know why the Death Star had such a glaring (in hindsight) flaw. Vader even seems to suspect this when he tells Krennic that he better make sure he can assure the Emperor that Erso did not compromise the Death Star.

    In general, I think these kinds of weaknesses are endemic to large bureaucratic organizations. There are so many systems in place that are supposed to make the organization function smoothly but they actually just big everything down. The Empire can’t react quickly to an agile Rebel threat, they can’t share information quickly and accurately, and they miss vital snippets of information which are exploited by their adversary.

Post a Comment

CFR seeks to foster civil and informed discussion of foreign policy issues. Opinions expressed on CFR blogs are solely those of the author or commenter, not of CFR, which takes no institutional positions. All comments must abide by CFR's guidelines and will be moderated prior to posting.

* Required