Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Subscribe
Products & Solutions

Rogue One: A Star Wars Story

image
NICK KAEL
December 21, 2016 - 2 min read

As I sat through the premiere of “Rogue One: A Star Wars Story” this past weekend, I couldn’t help but relate it back to a familiar tale that consistently comes up in IT security. The similarities were striking as I watched the story unfold. (Warning: spoiler ahead.)

The story opens, as it always does, in a galaxy far, far away. We learn that the plans for the Death Star reveal hidden vulnerabilities in its design that the Rebel Alliance may be able to exploit. To succeed, however, the Rebels would need to steal the plans and would use tactics like social engineering as a way to locate and exploit the weakest link in the Imperial defense. Turns out this weak link took the form of a security breach from a user. Starting to sound familiar?

Once inside, the Rebels set up diversions for the Imperial forces, so they could try to locate the plans in the Imperial data storage. They were in luck. Because the data wasn’t encrypted, they could easily identify the plain text files in which they’d find not only the plans, but also the crown jewel: the vulnerability that could destroy the Death Star.

As part of their strategy, the Rebels sought the assistance of two malicious insiders, a pilot and K-2SO, an Imperial security droid that had been reprogrammed and was now loyal to the Alliance. Once the Rebels got the data, they faced another major hurdle: exfiltration. In order to get the files out, they needed to take down the Imperial shield. They threw everything they had at it, bringing the shield to its knees like a massive DDoS attack. Success.

There’s been a lot of debate over the moral of “Rogue One: A Star Wars Story.” Redemption, sacrifice, and looking outside oneself for purpose are a few. The film has even sparked some controversy as filmmakers and political extremists argued whether or not the story had political undertones. (Obviously.) But from my standpoint, the moral we can all take away from “Rogue One” is as follows: Don’t become the weakest link in your network by falling victim to social engineering or bypassing security controls, and do invest in sandbox technology that will prevent infected files from being downloaded; do protect your data with robust encryption and the use of data loss prevention; and always be sure to use the Force.

 

Read how Zscaler Cloud Sandbox blocks malware and prevents C&C calls

Read how Zscaler Data Loss Prevention prevents data exfiltration

Explore more Zscaler blogs

Exceptional Customer Experiences Begin at Home
Exceptional Customer Experiences Begin at Home
Read Post
The Power of Zscaler Intelligence: Generative AI and Holistic View of Risk
The Power of Zscaler Intelligence: Generative AI and Holistic View of Risk
Read Post
Take Cloud Native Security to the Next Level with Integrated DLP and Threat Intel
Take Cloud Native Security to the Next Level with Integrated DLP and Threat Intel
Read Post
Cloud Compliance
The Impact of Public Cloud Across Your Organization
Read Post
01 / 02
dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.