
How smoking led to social engineers gaining physical access to a network

Introduction

Social engineering is a common infosecurity threat. I once tried to track down a missing friend by calling up hospitals in our city and telling them that my brother was missing. Four out of five told me he wasn’t there, thus revealing information without confirming my identity in any way. The fifth one said that there’s no way they’ll provide that information over the phone. 

I was both frustrated by that answer and glad at the same time. At least one hospital was concerned with keeping a bit of infosecurity, even though just a few years ago the Swedish health service had leaked over 2.7 million phone call recordings. My calls made me aware of how a good infosec stack is never complete without proper employee training for various threat vectors.

An extremely common threat vector

Top governmental institutions were among the first targets of highly effective social engineering techniques, so it’s no surprise that former Cold War spy-grounds like the Scandinavian countries are really security-aware and prevent unwanted persons from accessing high-level governmental institutions.

Nevertheless, as I mingle with ethical hackers and pentesters at local cons and hacker camps, I hear dozens of absurd stories of how simple social hacks like tailgating (just walking into buildings behind employees) let hackers into offices of companies almost on a daily basis.

Another common story from a decade or so ago was that many institutions were penetrated by “AC repairmen” who were let into server rooms to “check the condensation” and left alone to do whatever they wanted. These examples are just the tip of the iceberg when it comes to social engineering techniques, and most governmental and financial institutions have employee training and processes to handle them.

Sadly, decades of counter-intelligence experience, employee training and security procedures might (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Ebbe Kernel. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/jSMuL9OVVqo/