Cybersecurity errors at Nakatomi

Many families spend the holidays watching favorite movies together, in lots of cases the same ones year after year, making Christmas and New Year’s traditions. Some people love Christmas comedies, others favor melodramas. As for me, my favorite Christmas movie is Die Hard. After all, 60% of John McClane’s encounters with terrorists take place on Christmas Eve, and I’m far from the only person associating the action classic with the holiday.

Sure, with Live Free or Die Hard (aka Die Hard 4.0), we got a plot really focused on critical infrastructure cybersecurity — and we’ll come to that in due course — but look closely and you’ll see plenty of examples of both good and shocking cybersecurity in the first movie as well.

After all, the Nakatomi Corporation uses the most cutting-edge technologies of the day: a mainframe that synchronizes with Tokyo-based servers, a computerized lock on the vault, and even a touch-screen information terminal in the lobby (don’t forget, we’re talking 1988 here).

Physical security at Nakatomi Plaza

Security issues jump out right from the start. John McClane, our protagonist, enters the building and addresses the security guard, mentioning only the name of his wife, whom he came to see. He never says his own name or shows any form of ID. Even providing his wife’s name shouldn’t get him in, though; their marriage is on the rocks and she’s reverted to using her maiden name at work.

Instead of challenging the intruder, the careless guard simply points him in the direction of the information terminal, then the elevators. So, basically anyone can enter the building. What’s more, as the action progresses, we repeatedly see non-password-protected computers in the building, all open to evil-maid attacks.

Access to engineering systems

It is not long before criminals enter the building, kill the guards (just two are on watch on Christmas Eve), and take control of the building. Naturally, all of the engineering systems in Nakatomi Plaza are controlled from one computer, which is in the security room, right next to the entrance.

The sole hacker among the terrorists, Theo, taps a few keys and bam, the elevators and escalators stop working and the garage is blocked off. The computer is already on (although the room is empty) and has no protection against unauthorized access — the screen isn’t even locked! For a company employee (in the security department) to leave the screen unlocked is simply unforgivable.

Network security

The first thing that the terrorists demand from the president of Nakatomi Trading is the password for the company’s mainframe. Takagi, thinking the villains are after information, drops an interesting tidbit about the company’s security practices: Come morning in Tokyo, he says, any data the attackers gain access to will be changed, undermining blackmail attempts. We can draw two conclusions from that:

Nakatomi’s information systems in Tokyo keep track of who gains access to what and when. That is a fairly well-implemented security system. (Of course, it’s possible Mr. Takagi is bluffing.)

Moreover, Takagi seems to have absolutely no knowledge of time zones. In Los Angeles, night has just fallen (the intruders enter the building at dusk, and during the conversation in question, we can see through the window that it’s dark out). Therefore, it’s got to be at least 10:30 the next morning in
