Every movie arrives at a historical moment. It’s significance is judged by how it fits in that moment. As I watched Rogue One, I couldn’t help but notice the vital role of cyberwar in the plot. It’s a theme plucked from the headlines this year, in a way that John Knoll couldn’t have imagined when he originally pitched this story more than 10 years ago.
The week Rogue One released newspaper headlines still screamed about a Russian cyber-attack.
Fact: Russian hackers stole massive amounts of emails, documents, and more from the DNC, the DCCC, and the RNC (See NYTimes summary from 12/13).
These headlines are emblematic of a constant flow of hacks. Examples from the news in the past few months:
- 4 Million Government Personnel Records stolen in 2014
- Yahoo announces One Billion (yes with a B) User Accounts Compromised in 2013.
Spoiler Alert: Rogue One plot summary to follow
It’s with those headlines ringing in my ears that I saw Rogue One. To save the galaxy from the Death Star (a planet-annihilating superweapon) the Death Star Plans must be obtained at any cost. To obtain these plans, the protagonists Jyn, Andor, K-2SO, et. al. lay-down their lives in a daring heist. This heist unfolds in several stages:
1. Physical Invasion — Jyn and Andor invade a giant room containing (presumably) thousands of hard drives. Apparently one of them harbors the Death Star Plans, including the critical flaw. This needle in a haystack could well save the galaxy.
2. Find Death Star Plans — Finding the needle will require first searching through the backups, then physically climbing inside a literal giant hard drive library shelf (complete with a broken robot librarian).
3. Upload Death Star Plans— A link from the planet (turned data center) to The Rebellion must be established and the plans uploaded.
4. Save the Galaxy — The plans safely in the hands of The Rebellion, the 1977 version of The Rebellion can go destroy The Death Star in Star Wars Episode VI- The New Hope.
Rogue One is like a cartoon version of how the US Government had it’s personnel data stolen (for details see The Breach by Wired Magazine). While fanciful in many respects the core ideas of a hack are all here:
1. Physical Invasion — “Physical Access is Access” is an oft quoted security dictum. It means, if a hacker can physically access a device (say a hard drive or iPhone) it’s just a mater of time before a hacker can access the emails and documents store on that device (see Exhibit A: San Bernadino iPhone). More importantly, getting inside a targets computer system is always Step 1 for a hacker. In the real world this is taking control of a first machine within a target network, while in Rogue One it’s full on Special Forces style physical assault.
2. Find Deathstar Plans — After hackers establish a digital beachhead they search for valuable data. They need to get data to make their efforts pay off. Data is often the prize. In the movie the target is The Plans. In the real world, it’s often passwords, emails, or documents.
3. Upload Deathstar Plans — Just like in the movie, where making the upload is the ultimate goal, hackers get value from data only if they can steal it. The final step for a hacker is uploading the data. In tech jargon “exfiltrate it from the data center”.
4. Save the Galaxy — Unfortunately most hackers are about money, not saving the galaxy. They’ll take the data and auction it to the highest bidder and leave destroying the Death Star to Luke Skywalker.
Most likely a verson of the above has been written for every heist movie. However, this heist movie isn’t about stealing The Declaration of Independence or piles of cash, it’s a hard drive.
A Hard drive that looks a lot like what was in most desktop computers from 15 years ago. A hard drive that could as easily contain my emails or your high school English paper as Death Star plans. This hard drive movie reminds us of the increasing power of hard drives in everyday life.
In a year when the successes of cyber-criminals tops the headlines, let’s find an opportunity as 2016 draws to a close to thank the cyber-defenders. These Jedi-like misfits use the force of technical prowess to keep our data from falling into the wrong hands. They have no room for error. Just like in the movie, once the data is gone, it’s gone! As Yoda would say, “Do. Or do not. There is no try.”
Joe Filcik is a technologist interested in the impact of tech in everyday life. Subscribe his latest project, Wonder & Fear at https://WonderAndFear.Tech to receive insightful original posts about technology in your inbox every week.
