While high-profile ransomware and malware attacks steal the spotlight, threats like tailgating and piggybacking often fly under the radar. But these social engineering tactics pose a serious risk to today’s enterprises.
In a tailgating attack, cyber criminals attempt to bypass security measures and gain access to restricted areas without proper authentication, such as passcodes or biometric scanners.
These bad actors often target secure zones, lurking outside and waiting for an authorized person to enter. They then exploit the opportunity by asking the individual to hold the door, sneaking past the defenses designed to protect the perimeter.
In this article, we’ll dive into what tailgating attacks are, how they work, and share tips on safeguarding your sensitive information from these sneaky intruders.
What’s the Difference Between Tailgating and Piggybacking?
While the terms tailgating and piggybacking are often used interchangeably, they have two distinct differences. In a tailgating attack, an attacker follows an unaware user to gain access to an area without authorization.
In contrast, in a piggybacking attack, an employee or ex-employee knowingly gives an unauthorized individual access to a protected environment as part of a coordinated attack.
What are the Most Common Tailgating Methods?
Tailgating attacks can strike in the blink of an eye, making it tough to spot the threat. But by understanding the common tactics attackers use, you and your team can stay one step ahead and stay safe.
Walking behind employees
Tailgaters often take advantage of the common courtesy of holding the door open for people behind us. They walk too close behind an employee, hoping to be helped inside by the unknowing victim.
Posing as a courier
In today’s world of rampant online shopping, social engineers often pose as couriers to gain access to your building. Without secure holding areas for deliveries, receptionists can easily be tricked into letting them in, thinking they’re just delivering to a specific floor or room.
Pretending their hands are too full to open doors
Social engineers take advantage of people’s natural kindness, pretending they have their hands full and hoping an employee will help open the doors for them.
Pretending to forget their ID
The simplest trick for a social engineer to breach a building is to pose as an employee who "forgot" their ID at home. They can be incredibly convincing, easily tricking someone into handing over a pass or letting them in.
Acting like they were invited
Social engineers often pose as guests of office employees, but before doing so, they've usually done their homework, researching staff names to make their ruse more convincing.
The Dangers of a Tailgating Attack
With social engineering threats rising 270% last year, tailgating attacks are becoming more significant as cyber criminals know that many organizations fail to implement adequate physical security measures to protect data onsite.
At the same time, attackers know that if they gain access to a restricted area, such as a data center, they can steal high-value equipment and tamper with devices. The latter action can include installing malware on critical infrastructure, encrypting information, and exfiltrating data assets to orchestrate a data breach.
In this sense, the impact of a tailgating attack is no less severe than an intrusion caused by an employee clicking on a malicious attachment or handing over their login credentials.
Despite this, just a few years ago, a survey revealed that 74% of security executives believed they weren’t tracking tailgating enough at their organization, leaving the door open to serious security incidents and data breach liabilities.
What Organizations Are at Risk of Tailgating Attacks?
Many organizations don’t prepare to mitigate tailgating attacks because they underestimate the willingness of cyber criminals to conduct “boots on the ground” style attacks. The reality is that any company with sensitive data is at risk of a tailgating attack, but some higher-risk organizations include:
- Organizations with multiple entry points – If your office has several entrances, you’re going to be a much more appealing target for cyber criminals to attack.
- Organizations with lots of employee turnover – Disgruntled ex-employees can gather valuable information on your internal security practices, and a small minority may use this knowledge for malicious purposes.
- Offices with lots of meeting rooms – Numerous meeting rooms and disparate IT resources make it easier for threat actors to access sensitive resources without being detected.
7 Ways to Prevent Tailgating Attacks
Luckily, there are ways to protect your organization from bad actors trying to gain access to your offices.
1. Physical security protocols
Physical security protocols are your first line of defense against unauthorized access on-site. These safeguards include biometric scanners, passcodes, fobs, and keys you can use to prevent unauthorized individuals from gaining access to high-value areas in the first place.
2. Employee security awareness training
On top of these core security measures, you can offer employees security awareness training to educate them about tailgating attacks, so they can identify the techniques attackers use to gain access to restricted areas.
3. Security campaigns
Alongside your security awareness training, you can create security campaigns to advise employees not to hold doors for other individuals to reduce the risk of criminal entities gaining access to sensitive information.
As an added precaution, you can also ensure reception areas are fully staffed to help keep out any unusual individuals and to check employees’ credentials if appropriate. It’s important to note, though, that these measures can’t be relied upon if you have a malicious insider.
If you want to provide employees with guidance on how they can prevent tailgating from happening, there are some basic instructions you can give them:
4. Stay alert if someone tails you toward restricted areas
If someone follows you to a restricted area, don’t open the door for them at any cost, and politely refuse if asked.
5. Report suspicious individuals
If you spot an individual acting suspiciously near a protected area, report them to security immediately.
6. Say hello
If you notice someone who’s out of place near a restricted area, it can be helpful to politely say hello, and then offer to escort them to reception.
7. Report malfunctioning or open doors
If doors or security measures aren’t working, report them immediately to the security team to ensure they’re aware of the issue.
Awareness is the First Step Against Tailgating Attacks
Tailgating attacks are no less severe than phishing scams or ransomware threats you’re likely to counter online. If a cyber criminal gains physical access to your sensitive resources, they can compromise critical devices, encrypting or exfiltrating your mission-critical data and putting you out of action.
User awareness, informed by security best practices through security awareness training, is your best defense against these types of threats because it will decrease the likelihood of someone entering the area unnoticed and the risk of an employee inadvertently assisting them.