Attackers don"t always hide behind their screens and attack remotely. It"s possible that a cybercriminal is standing right behind you when you enter the company in the morning. These are the most common methods of physical cyber attacks.
Tailgating, also known as piggybacking, is a social engineering method used to gain physical access to security-critical areas. Among other things, attackers exploit the good faith of employees to enter restricted areas unhindered. In the case of tailgating, an attacker simply follows an employee or supplier through an entrance that would normally require authentication. The creativity and audacity of the fraudsters knows no bounds: “I"m new here and forgot my card, can you let me in?” or “I have to deliver packages, can you hold the door for me?” With pretexts like these, attackers try to gain access under pre-determined reasons. Depending on the size of the company and the nature of the company premises, tailgating attacks can take different forms: fraudsters can search for unused or unguarded entrances or climb over fences and gain access themselves before smuggling themselves into the building behind actual employees. At secure entrances, the trick is to pretend that they have forgotten their access card. In large companies where there is more anonymity, they could start a conversation with employees and thus pass unnoticed by reception.
Just as with cyber attacks, it is also important to proactively counter tailgating in order to minimize the potential danger: A series of security precautions can prevent unauthorized persons from gaining access to your premises and tampering with the equipment there. These include, for example:
Documents or papers with confidential information often remain in the office, whether on the desk, at the printer or at the reception. These sensitive documents are susceptible to loss and could easily fall into the wrong hands. Even if they are not removed directly from the office, they could allow visitors to view information that is not intended for their eyes. The threat of document theft and the potential impact on a company"s IT security are significant. To counteract this risk, a clear desk policy can be implemented. This policy ensures that desks and devices are cleared at the end of the workday to reduce the likelihood of sensitive documents being left unattended. Employees should also be encouraged to destroy sensitive documents after use. To minimize the risk of document and device theft, employees should be made aware that they should never leave their devices and confidential documents unattended. Offices can also be equipped with secure drawers and storage facilities to keep confidential documents safe. It also goes without saying that access restrictions should be put in place and alarm systems installed to prevent break-ins. Another far-reaching security measure is to equip all devices that have access to company information with data encryption software and remote wipe capability. This allows a quick and effective response in the event of theft or loss, minimizing potential damage.
In companies with customer visits or other reception areas, there is a risk that external visitors may, in a variety of ways, intentionally or unintentionally, gain access to sensitive information without this leading to the actual theft of documents. Physical documents left on desks or in open areas may inadvertently be captured by prying eyes. In addition, an inattentive employee could leave confidential papers lying around while talking to a visitor. There is also a risk of visual hacking, where visitors or unauthorized persons can look at screens and capture sensitive data. Even with careful handling of paper documents, an unlocked briefcase or an unattended folder could also provide an opportunity for information theft. Furthermore, visitors could inadvertently overhear confidential conversations or information during meetings if proper precautions are not taken. Privacy can be further enhanced by using noise-masking precautions, as well as providing separate rooms for confidential conversations.
Unauthorized individuals pose another serious threat to your organization"s IT security. In particular, if it is difficult to track who was or is present at the workplace at any given time, it becomes nearly impossible to maintain an effective level of physical security. Unregistered visitors significantly increase this risk, as it is not clear whether they were present at any given time in the event of an incident. For example, by issuing visitor badges, organizations can ensure that everyone in the building is registered. This not only provides transparency about who is authorized to be on the premises, but also makes it possible to review access logs to determine who was present at the time of an incident. With all the password policies, MFA, SOC implementations and** phishing awareness campaigns (https://trufflepig-forensics.de/en-de/blog/phishing-mitarbeiter-schulen-durch-echte-angriffe/), don"t lose sight of your organization"s physical IT security! Find out about the potential risks and attack surfaces and train your employees to ensure their cooperation in a secure workplace. This is the only way to establish a high level of awareness of IT security in your organization.
