While high-profile ransomware and malware attacks get lots of media attention, threats like tailgating attacks and piggybacking attempts often get overlooked. Yet these social attacks present a substantial risk to modern enterprises.
During these attacks, a cyber criminal will attempt to enter a restricted area without going through an authentication process, such as a passcode-protected door or a biometric scanner.
Bad actors can do this by locating a secure area, waiting outside for an authorized employee to enter, and asking them to hold the door so they can slip through the defenses designed to protect the perimeter.
This article will examine what tailgating attacks are, how they work, and what you can do to protect your sensitive information from them.
What’s the Difference Between Tailgating and Piggybacking?
While tailgating attacks and piggybacking are often used interchangeably, it’s important to note that the two have distinct differences. Tailgating attacks are where an attacker follows an unaware user to gain access to an area without authorization.
In contrast, in a piggybacking attack, an employee or ex-employee knowingly provides unauthorized individual access to a protected environment as part of a coordinated attack.
What are the Most Common Tailgating Methods?
Source: Wlan Labs
Tailgating attacks can happen so fast that it can be challenging to assess the situation. But proper awareness of the common ways attackers tailgate can go a long way in helping you and your employees protect yourselves.
Walking behind employees
Tailgaters often take advantage of the common courtesy of holding the door open for people behind us. They walk too close behind an employee, hoping to be helped inside by the unknowing victim.
Posing as a courier
Especially in this day and age where online shopping is rampant, a social engineer may pose as a courier to get access to your building. Without proper holding areas for couriers, receptionists can easily let them after being made to believe they have a delivery for someone on a specific floor or room.
Pretending their hands are too full to open doors
Social engineers can take advantage of people’s natural kindness, pretending they have their hands full and hoping an employee will help open the doors for them.
Claiming to have forgotten their ID
The easiest way for a social engineer to gain access to a building is to pretend to be an employee who has simply forgotten their ID at home. They can be pretty convincing and fool an employee into handing them a pass or helping them inside.
Acting like they were invited
Sometimes, social engineers will try to test the waters first, presenting themselves as a guest of someone in the office. Before doing this, however, they have likely already researched the names of people in the organization to make their act more believable.
What are the Dangers of a Tailgating Attack?
With social engineering threats rising 270% last year, tailgating attacks are becoming more significant as cyber criminals know that many organizations fail to implement adequate physical security measures to protect data on-site.
At the same time, attackers know that if they gain access to a restricted area, such as a data center, they can steal high-value equipment and tamper with devices. The latter action can include installing malware on critical infrastructure, encrypting information, and exfiltrating data assets to orchestrate a data breach.
In this sense, the impact of a tailgating attack is no less severe than an intrusion caused by an employee clicking on a malicious attachment or handing over their login credentials.
Despite this, just a few years ago, a survey revealed that 74% of security executives believed they weren’t tracking tailgating enough at their organization, leaving the door open to serious security incidents and data breach liabilities.
What Organizations Are at Risk of Tailgating Attacks?
Many organizations don’t prepare to mitigate tailgating attacks because they underestimate the willingness of cyber criminals to conduct “boots on the ground” style attacks.
The reality is any company with sensitive data is at risk of a tailgating attack. But, some higher-risk organizations include:
- Organizations with multiple entry points – If your office has several entrances, you’re going to be a much more appealing target for cyber criminals to attack.
- Organizations with lots of employee turnover – Disgruntled ex-employees can gather valuable information on your internal security practices, and a small minority may use this knowledge for malicious purposes.
- Organizations in offices with lots of meeting rooms – Offices with lots of meeting rooms and disparate IT resources make it easier for threat actors to access sensitive resources without being detected.
7 Ways to Prevent Tailgating Attacks
Luckily, there are ways to protect your organization from bad actors trying to gain access to your offices.
Physical Security Protocols
Physical security protocols are your first defense when defending against unauthorized access on-site. These safeguards include biometric scanners, passcodes, FOBs, and keys you can use to prevent unauthorized individuals from gaining access to high-value areas in the first place.
Employee security awareness training
On top of these core security measures, you can offer employees security awareness training to educate them about tailgating attacks. They can identify the techniques attackers use to gain access to restricted areas.
Security campaigns
Alongside your security awareness training, you can create security campaigns to advise employees not to hold doors for other individuals to reduce the risk of criminal entities gaining access to sensitive information.
As an added precaution, you can also ensure reception areas are fully staffed to help keep out any unusual individuals and to check employees’ credentials if appropriate. Although it’s important to note these measures can’t be relied upon if you have a malicious insider.
If you want to provide employees with guidance on how they can prevent tailgating from happening, there are some basic instructions you can give them:
Be aware of anyone following you toward restricted areas
If someone follows you to a restricted area, don’t open the door for them at any cost, and politely refuse if asked.
Report suspicious individuals
If you spot an individual acting suspiciously near a protected area, report them to security immediately.
Say hello
If you notice someone who’s out of place near a restricted area, it can be helpful to politely say hello, and then offer to escort them to reception.
Report malfunctioning or open doors
If doors or security measures aren’t working, report them immediately to the security team to ensure they’re aware of the issue. They are prepared to work on a fix.
Awareness is the First Step Against Tailgating Attacks
Tailgating attacks are no less severe than phishing scams or ransomware threats you’re likely to counter online. If a cyber criminal gains physical access to your sensitive resources, they can compromise critical devices, encrypting or exfiltrating your mission-critical data and putting you out of action.
User awareness, informed by security best practices through security awareness training, is your best defense against these types of threats because it will decrease the likelihood of someone entering the area unnoticed and the risk of an employee inadvertently assisting them.
Want to find out how you can educate your employees about tailgating attacks?
Access our Cyber Security Hub, where you will get access to a range of resources to increase cyber security awareness and resilience in your organization.