Cybersecurity in the TV miniseries Obi-Wan Kenobi | Kaspersky official blog

Obi-Wan Kenobi is set ten years after the proclamation of the Galactic Empire, and nine years before said Galactic Empire left the critical infrastructure facility DS-1 Orbital Battle Station (more commonly known as the Death Star) so scandalously vulnerable that it was attacked and largely destroyed by the Rebel Alliance. I watched the series in the hope of tracing the development of the Empire’s information security; however, “degradation” turned out to be the more appropriate descriptor. (By the way: As usual, I’ll try not to reveal any major plot twists, but some spoilers are unavoidable; beware!)

Cybersecurity and Empire employees

Overall, the main item of interest from a cybersecurity perspective is when outsiders penetrate the Inquisitors’ secret facility and gain access to the Imperial computer systems. Before that, however, we see a skirmish on the planet Mapuzo that also arouses our curiosity. Let’s start with that.

Checkpoint on Mapuzo

This despoiled mining planet is believed to be home to the Empire’s most wanted Jedi, Kenobi. Stormtroopers at the checkpoint apprehend a suspicious-looking man and call in the Viper Probe Droid equipped with a facial recognition system to identify him. And guess what? It works!

One question: why didn’t these brainy machines take part in the search for droids in Episode IV nine years later? If, instead of asking passers-by silly questions, the patrol in Mos Eisley had used face recognition, they would have found and arrested Obi-Wan. The Empire couldn’t have known that he was being played by another actor!

Underwater Fortress Inquisitorius and Mustafar’s moon Nur

In terms of information security, the secret fortress of the Inquisitors (which everyone knows about) has to be one of the most advanced Imperial facilities we see anywhere in the Star Wars universe. It’s similarly well-secured physically too…

Quite incredibly — by Star Wars universe standards — people here have their IDs checked at the entrance, the doors are opened with authentication devices called code cylinders, and the underwater gateway is controlled entirely from a computer console — not from a panel by the entry hatch as is usually the case. And there’s also something totally unheard-of: the corridors are patrolled by mobile security cameras. It’s a mystery why, just nine years later, these security practices were entirely abandoned by the Empire. In Episode IV, the selfsame Kenobi walks freely around the Death Star and doesn’t even need to log in to access the tractor beam control unit!

But, as you’ve probably guessed, all these security measures don’t do any good. And as usual, it’s all down to the carelessness of a single employee — the so-called “lead security on this level”. The fact is that Kenobi is assisted by an insider — Captain Tala Durith — a bona fide Imperial officer with excellent social-engineering skills who’s become disillusioned with the Empire.

When Tala’s documents are checked at the fortress entrance, it turns out that she’s assigned to a different sector entirely and has no business being at the secret facility. However, Tala pulls rank and convinces the officer on duty — that same “lead security” we mentioned earlier — that she’s brought secret intelligence for the Inquisitors, so she’s allowed in.

Once inside, she enters some kind of control room and logs in to one of the terminals, passing authentication with her code cylinder. There’s clearly something wrong with how user rights are delimited here: why would she have any rights in the system at all if she genuinely has nothing to do with this sector?!

Anyway, Tala gains access to both the fortress’s schematics and the underwater gateway control unit, which she uses to let Kenobi in. The senior officer in the control room eventually grasps that there’s an outsider at the terminal — though it takes him about 20 minutes to do so. But his subsequent actions defy logic: for some reason he takes Tala to a secluded corner behind some units to check her entry pass, and in that corner he stays — laid out with a broken neck — for the rest of the series!

Clearly, the staff at this secret facility are totally unprepared for incidents of this nature. Generally speaking, this problem could have been solved with regular pen testing. That said, there probably aren’t that many specialists in this field on Mustafar.

Empire opponents’ cybersecurity methods

Let’s talk about the Empire’s opponents as well. There are no rebels as such in this series: the forces of conventional good are represented only by opposition-minded Alderaan and the underground anti-Imperial network The Path, which doesn’t so much fight the Empire as shelter and transport dissidents (surviving Jedi and Force-sensitives). And there’s, of course, Ben Kenobi himself. In terms of information security, things are, unsurprisingly, not great.

The ruling house of Alderaan

Alderaan’s rulers — the Organa family — have a very weird attitude to security (information and otherwise), which raises many questions. Since the very beginning of the Empire, Senator Bail Organa has been actively involved in all sorts of anti-Imperial endeavors. What’s more, the existence of his adopted daughter, Leia, must be kept secret from Vader. You’d think he’d be concerned for the safety of his own family at least. But no, the mercenary Vect Nokru (played by Flea from the Red Hot Chili Peppers) has no trouble snatching the princess right from inside the palace walls.

It should be mentioned that Leia is inseparable from the mini-droid Lola (L0-LA59). So why doesn’t Bail install a solution like Kaspersky Safe Kids on her beloved gadget? Then at least he’d know where the princess had been taken! Especially since remote droid-location technologies do exist and are actively used in the series.

L0-LA59 droid security

In one episode, the Inquisitors, having “droid-napped” L0-LA59, fit her with a malicious surveillance device that lets them control the machine remotely. It’s not clear why the Empire doesn’t exploit this technology later on: it could have, for example, in Episode V, seized control of C-3PO in Cloud City instead of sending him to the smelter. Even more baffling is why the House of Organa doesn’t use droids built on the basis of a cyber immune operating system, which would simply block both connections to untrusted devices and external malicious commands.

Bail Organa and communications

The biggest mystery of all is how Bail Organa, with all his oppositionist views, even lived to see the destruction of Alderaan. Not only does he repeatedly reach out to Obi-Wan Kenobi (which in itself is a death sentence), he does so over an unsecured communication channel, laying out secret information with references to Luke and Tatooine in cleartext.

Note, too, that the messaging system doesn’t only lack encryption: the receiving device even has no basic authentication. In other words, anyone can pick up the device and listen to the last message. Now there’s someone who could definitely use some cybersecurity awareness training!

The Path shelter on planet Jabiim

The Path’s shelter has barely a nodding acquaintance with cybersecurity. The hangar door controller — without which there can be no quick evacuation — is a strange contraption teeming with wires and located in the ventilation ducting. The malicious droid easily gains access to this device and physically disables something in it, making the door uncontrollable.

What’s more, because the critical system is so conveniently located, it’s practically impossible to get to the door controller and fix it. Of course we’re talking here about heroic oppositionists with no funding of any kind. Still, seeing how difficult it is even for a ten-year-old child to squeeze their way through to the device, it’s hard to imagine who the designers thought would maintain and repair the system.

Takeaway

As you can see, nine years before the first Star Wars movie, the Empire was far, far better at information security than it was later on, while its opponents lacked even a basic understanding of it. Perhaps the Empire ditched most of its progressive security measures because, in any case, they did nothing to actually prevent intrusions and other incidents.