While high-profile ransomware and malware attacks get lots of media attention, threats like tailgating attacks and piggybacking attempts often get overlooked. Yet these social attacks present a substantial risk to modern enterprises.
During these attacks, a cyber criminal will attempt to enter a restricted area without going through an authentication process, such as a passcode-protected door or biometric scanner.
They can do this by locating a secure area, waiting outside for an authorized employee to enter, and asking them to hold the door so they can slip through the defenses designed to protect the perimeter.
This article will examine what tailgating attacks are, how they work, and break down what security leaders can do to protect their environments from them.
What are the Dangers of a Tailgating Attack?
With social engineering threats rising 270% last year, tailgating attacks are becoming a more significant threat as cyber criminals know that many organizations fail to implement adequate physical security measures to protect data on-site.
At the same time, attackers know that if they gain access to a restricted area, such as a data center, they can steal high-value equipment and tamper with devices. The latter action can include installing malware to critical infrastructure, encrypting information, and exfiltrating data assets to orchestrate a data breach.
In this sense, the impact of a tailgating attack is no less severe than an intrusion caused by an employee clicking on a malicious attachment or handing over their login credentials.
Despite this, just a few years ago, a survey revealed that 74% of security executives believed they weren’t tracking tailgating enough at their organization, leaving the door open to serious security incidents and data breach liabilities.
What’s the difference between tailgating attacks and Piggybacking?
While tailgating attacks and piggybacking are often used interchangeably, it’s important to note that the two have distinct differences. Tailgating attacks are where an attacker follows an unaware user to gain access to an area without authorization.
In contrast, in a piggybacking attack, an employee or ex-employee knowingly provides an unauthorized individual with access to a protected environment as part of a coordinated attack.
What organizations are at risk of tailgating attacks?
Many organizations don’t prepare to mitigate tailgating attacks because they underestimate the willingness of cyber criminals to conduct “boots on the ground” style attacks.
The reality is any company with sensitive data is at risk of a tailgating attack. But, some higher-risk organizations include:
- Organizations with multiple entry points – If your office has lots of separate entrances, you’re going to be a much more appealing target for cyber criminals to attack.
- Organizations with lots of employee turnover – Disgruntled ex-employees can gather valuable information on your internal security practices, and a small minority may use this knowledge for malicious purposes.
- Organizations in offices with lots of meeting rooms – Offices with lots of meeting rooms and disparate IT resources make it easier for threat actors to access sensitive resources without being detected.
How can organizations defend against tailgating attacks?
When defending against unauthorized access on-site, physical security protocols are your first line of defense. These safeguards include biometric scanners, passcodes, FOBs, and keys you can use to prevent unauthorized individuals from gaining access to high-value areas in the first place.
On top of these core security measures, you can offer employees security awareness training to educate them about tailgating attacks. They can identify the techniques attackers use to gain access to restricted areas.
Alongside your security awareness training, you can create security campaigns to advise employees not to hold doors for other individuals to reduce the risk of criminal entities gaining access to sensitive information.
As an added precaution, you can also ensure reception areas are fully staffed to help keep out any unusual individuals and to check employees’ credentials if appropriate. Although it’s important to note these measures can’t be relied upon if you have a malicious insider.
Tips for Users
If you want to provide employees with guidance on how they can prevent tailgating from happening, there are some basic instructions you can give them:
1. Be aware of anyone following you toward restricted areas
If someone follows you to a restricted area, don’t open the door for them at any cost, and politely refuse if you’re asked to do so.
2. Report suspicious individuals
If you spot an individual acting suspiciously near a protected area, report them to security immediately.
3. Say hello
If you notice someone who’s out of place near a restricted area, it can be helpful to go up to politely say hello, and then offer to escort them to reception.
4. Report malfunctioning or open doors
If doors or security measures aren’t working, report them immediately to the security team to ensure they’re aware of the issue. They are prepared to work on a fix.
Recap
Tailgating attacks are no less severe than any phishing scams or ransomware threats you’re likely to counter online. If a cyber criminal gains physical access to your sensitive resources, they can compromise critical devices, encrypting or exfiltrating your mission-critical data and putting you out of action.
User awareness, informed by security best practices through security awareness training, is your best defense against these types of threats because it will decrease the likelihood of someone entering the area unnoticed and the risk of an employee inadvertently assisting them.
Want to find out how you can educate your employees about tailgating attacks?
Reserve your timeslot for a fun, exciting solution walkthrough. It’s like speed dating, only without any disappointment or gong noises.