10 Tailgating
How it works
Target identification: The attacker chooses a target building, office, or data center which requires secure access.
Observation: The attacker watches for patterns, studying employees’ routines and behaviors, identifying an ideal opportunity to slip in unnoticed.
Entry: The attacker waits for a situation where an employee is entering the secure area using their access card, and pretends to have forgotten their card, phone or being preoccupied. The attacker follows the employee entering the area or even asks the employee to hold the door open.
Securing Access: Once inside, the attacker may even steal a physical access card or exploit other vulnerabilities to secure long-term access.
Prevention Measures
Awareness training: Ensure that employees are aware of tailgating as a threat and the importance of adhering to security policies.
Physical security: Implement security measures like turnstiles, mantraps, or security guards to monitor and control access.
Access control: Ensure that access cards are unique to each employee and cannot be easily duplicated.
Strict policies: Enforce strict policies regarding holding doors open for others or allowing individuals into secure areas without proper credentials.
Security culture: Build a strong security culture where employees feel responsible for the organization’s security and report any suspicious behavior.
Recommended
- CYBER SECURITY 101/UNDERSTAND COMMON HACKING TOOLS
- CYBER SECURITY 101/UNDERSTAND COMMON EXPLOIT FRAMEWORKS
- CYBER SECURITY 101/UNDERSTAND CONCEPT OF DEFENSE IN DEPTH
- CYBER SECURITY 101/BASICS AND CONCEPTS OF THREAT HUNTING
- CYBER SECURITY 101/BASICS OF REVERSE ENGINEERING
- CYBER SECURITY 101/KALI LINUX
- CYBER SECURITY 101/PARROT OS
- CYBER SECURITY 101/PHISHING
- CYBER SECURITY 101/SHOULDER SURFING
- CYBER SECURITY 101/DUMPSTER DIVING
- CYBER SECURITY 101/TAILGATING
- CYBER SECURITY 101/BRUTE FORCE
- CYBER SECURITY 101/SOCIAL ENGINEERING