Solo: A cybersecurity story

[harlan4096]

So far, LucasArts has shown us only imperial military bases in its cinematic cybe-investigations. That’s an interesting take, but it’s rather monotonous. Solo: A Star Wars Story gives us a look at the security of some unusual objects: border control at Corellia, the conveyex railway on the Vandor-1, and the privately owned Kessel ore-mining complex. We cannot call events that occurred there purely cybersecurity incidents. So let us look at them in order of decreasing cybercomponent importance.

Kessel: Mining facility

Incident: Beckett’s gang penetrates the mining complex, where the Pyke Syndicate mines and stores raw coaxium hyperfuel. They seize the control center, break the droids’ restraining bolts (disrupting their normal operation), and, in the resulting riot, steal some coaxium.

Analysis: Droids operating in the control center are equipped with restraining bolts. From past cinema investigations, we know that such devices are used only if a droid was “pirated.” In fact, unlicensed, stolen machines work in the control center of the critical infrastructure facility. Their loyalty is achieved through hacker intervention in their motivation system.

I must say, this problem is relevant beyond the Star Wars universe. Last year, our KL ICS CERT published an analysis of threat landscape for industrial automation systems. One of their recommendations was to get rid of unlicensed, “cracked” software, which can contain back doors or be infected with malware. In other words, it can be controlled by a third party. A droid being a typical cyberphysical device, it is no different in this case from the pirated software operating on an industrial facility.

However, that would not be a problem, if the director of the mine stopped bringing outsiders to his office in the facility’s control center, providing access to control over all systems, including security, in that part of the installation. As a result, attackers not only gained access to surveillance cameras and remote door control, but they also disabled the droids’ restraining bolts, which led to rebellion and general chaos.

Vandor-1: Conveyex railway

Incident: Two competing gangs traveling between two imperial facilities try to steal a container of hyperfuel. The Beckett gang has jammed the train’s transmissions, disconnected the cars behind the container with coaxium, blasted the bridge, and, having dropped the remains of the train into the chasm, is trying to steal fuel using a stolen imperial transport. A gang, led by Enfys Nest, is interfering in the operation, trying to intercept the container, which, as a result, falls and collapses.

Analysis: Coaxium is a very expensive and extremely explosive substance. Therefore, the Empire is quite serious about transport infrastructure safety: One of the train cars contains an armed guard; and on the road are towers with viper droids ready to intervene in case of an incident. In addition, additional sensors equipped with integrity control are posted along the railway. They use a wired communication channel to transmit signals. The destruction of one of these sensors triggers the security system and summons the droids.

Of course, it is possible to make a more sophisticated security system. However, in fact, there is only one mistake — the loss of communication with the connected train should already work as a trigger to activate the alarm and call security droids. Not that they were super-effective, but it is possible that if they acted simultaneously with the imperial troopers aboard the train, the crime could have been prevented.

Continue Reading