According to the Proofpoint 2019 Annual Human Factor Report, social engineering accounts for 99% of attacks in the cyber world. Cyber actors rely on humans to click a link or perform an action for an attack to succeed. Social engineering attacks can take many forms, one of which is the tailgating attack.
What is a tailgating attack and how does it affect businesses? Read on to learn about tailgating cyberattack techniques, examples, and the steps to avoid them.
What is Tailgating?
Before we dive into the prevention measures and attack techniques, it’s important to answer this question: What does tailgating mean?
Tailgating, otherwise known as piggybacking, is one of the most common physical security breaches affecting businesses today. A tailgating attack is a social engineering practice in which an unauthorized person gains access to a restricted area by following an authorized person through the door.
More often than not, a tailgating attack happens due to a random act of kindness like holding a door for a visitor without ID or a stranger who poses as a worker. However, this security error can cause severe damage to both physical and IT systems.
While tailgating is primarily a physical breach, the term also covers gaining access to laptops, gadgets, credit cards, and similar items. For example, an attacker can memorize a door keypad combination, a credit card PIN, or your laptop password while watching you type it.
In the case of the door, nothing stops them from returning later and opening it. With a credit card or laptop, they will also have to steal the item to reach your files or account. Once a tailgater has access to your physical systems, that access can lead to further cybersecurity breaches and information theft.
Tailgating Attack Techniques
The first step to preventing cyber threats is understanding the techniques hackers use to execute the attack. Knowing the “how” will help employees stay ahead of tailgaters.
Tailgating Employees Through Open Doors
In a corporate setting, it’s a usual practice to hold the door for the person behind you. This act of kindness can grant access to a malicious hacker aiming to steal the company’s resources.
Tailgaters always look for means to slide into the building behind employees. While the beginning of the attack might not be in cyberspace, accessing restricted areas can help cybercriminals gain more ground.
An unlocked computer, a thumb drive left unattended, an open door into a server facility: all of these have the potential to turn into a major data breach later.
Pretending to Be a Courier
An attacker can pretend to be a courier trying to deliver a package to a person in the company. They may disguise themselves as anything from a pizza delivery person to a repair company staff member, or any similar service employee to gain access.
If your security personnel or receptionist aren’t vigilant enough, the attacker might access the company’s delivery area, and from there, slide into a restricted space.
The “Hands Too Full” Trick
Some attackers get into their target building by carrying multiple packages in their hands (this pairs well with the delivery-person disguise). Your employees’ natural urge to help a stranger with a full load can unknowingly harm the company.
The Forgotten ID Scam
Some attackers may try to disguise themselves as an employee of your company. In most cases, these attackers pretend to have misplaced their access ID or left it at home.
Sure, you must train employees not to let strangers into your office building. Still, trespassers might appear familiar with tricks like pretexting. They could even gain the trust of an actual employee and trick them into opening the door or giving up their ID.
In an organization with thousands of employees, not everyone knows each other. Thus, a “Judy from accounting” who knows “Kyle from marketing” might push a trusting person to fall into the trap, even if they don’t recognize the person’s face.
The “I Have an Appointment” Pretense
Similar to the case above, a little bit of research into a company’s employees, and a trespasser might easily “have an appointment with Kyle from marketing” regarding “a new outsourced project.” This can convince the security or receptionist to grant them access to the building.
Stealing Passwords or PINs by Standing Behind a Person
Have you ever noticed someone trying to read your password or PIN while you type it into your mobile device, laptop, or an ATM? This technique is called “shoulder surfing.” Shoulder surfers try to avoid being noticed by keeping some distance from their target, but they stay attentive enough to note the information and use it later.
Tailgating Cyber Attack Examples
An attacker always tries to manipulate their victims through social engineering. Like email phishing, tailgating exploits the human factor. It relies on people’s natural kindness, a sense of urgency, the awkwardness of the situation, or some combination of these to succeed. Here is one example of a high-profile tailgating case:
In 2019, a Chinese woman named Yujing Zhang was caught while trying to enter Donald Trump’s Mar-a-Lago club. She used various pretexts, including a non-existent event, going for a swim, and fake connections to club members. She also used the language barrier to confuse the security guard. In a subsequent search, Secret Service agents found multiple mobile devices, an external disk, a thumb drive containing malware, and two Chinese passports.
How to Spot a Tailgating Attack
In most cases, a tailgater wants access to a restricted area. The first red flag is someone loitering nearby or trying to rush in behind you while you open a restricted door. Letting people in without checking their access permission puts the organization at risk.
7 Tips to Avoid Tailgating Attacks
The human factor can stand in the way, so familiarizing yourself with tailgating attacks is the best way to prevent them or mitigate their impact. Below are seven tips for avoiding tailgating attacks.
Conduct Regular Security Awareness Training
Attackers rely on company employees for their success, so organizations need to conduct regular cybersecurity awareness training sessions. They must teach their staff to recognize, prevent, and properly deal with an attack.
Alongside other social engineering attacks, such a program should cover questions like “What is a tailgating attack?” and “What is a tailgater?”, and explain how criminals execute these attacks. Their impact on the business should also be a talking point.
Employ security experts to train your employees and test their knowledge by simulating possible tailgating attacks.
Adhere to Security Best Practices
Security best practices might vary depending on your company. Still, wearing a badge, checking in and out, and having a security guard at the front desk should be compulsory. Organizations can also use entry automation with biometrics, install cameras, and find other methods to keep their premises safe.
Employees who claim to have misplaced their badge or left it home should show other proof of employment or go home to get their access ID. Positive reinforcement also results in better security.
Use Multifactor Authentication (MFA)
Multi-factor authentication is a strong identity and access management (IAM) control that helps prevent security threats. Organizations should introduce multiple ways to authenticate and verify their employees before giving them access to the building and to other resources such as applications and online accounts.
With MFA, even if a person claims to have lost their access card, there are other ways for receptionists and security personnel to verify them.
Implement Smart Cards
The use of smart cards is another anti-tailgating strategy that ensures only authorized individuals access the office premises. Smart cards usually include multiple credentials that security personnel can use to verify employees.
You may have a security system that uses locks, keys, PINs, or smart cards, but they can easily be forgotten, lost, or stolen. Plus, it’s easy for hackers to manipulate employees into giving out their access ID or PIN.
Pairing the physical access system with biometrics secures the organization even more. Using fingerprints or iris recognition on doors is a more reliable and safer way of avoiding tailgaters and managing access to your office buildings.
Limit Entry to One Person at a Time
Multiple employees passing through an entry simultaneously can confuse the receptionist or security personnel. Attackers can easily fit into a crowd and pretend to be legitimate employees of the company. Plus, no biometrics or access control cards can protect your building if people enter in bulk.
One of the best solutions is turnstiles, an excellent way to manage access control. They limit entry to one person at a time, making it easier for security personnel to properly authenticate and verify staff.
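The check-in/check-out discipline above and the one-person-per-entry rule can be verified after the fact against the badge-reader log: an inner door used by a badge that never entered the perimeter, an exit without an entry, or a second entry without an exit are all signs that someone passed a door another person opened. The script below is an added example, not part of the original article; the reader names, badge IDs, log format and log lines are constructed for illustration.

```python
"""Anti-passback check over badge-reader events (added example).

Rule: a badge may use an inner reader or exit only while it is recorded
as inside, and it may not enter the perimeter twice without exiting.
Reader names, badge ids, the log format and the log itself are constructed.
"""
from dataclasses import dataclass

PERIMETER = "lobby-turnstile"  # assumption: single entry/exit point


@dataclass(frozen=True)
class Event:
    ts: str         # ISO-8601 timestamp (constructed), used for ordering
    badge: str
    reader: str
    direction: str  # "in" or "out"


def parse(lines):
    """Parse constructed 'timestamp badge reader direction' lines."""
    return [Event(*ln.split()) for ln in lines if ln.strip()]


def find_anomalies(events):
    """Return (ts, badge, reason) for events that break the entry discipline."""
    inside = set()      # badges currently recorded inside the perimeter
    anomalies = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.reader == PERIMETER and ev.direction == "in":
            if ev.badge in inside:
                anomalies.append((ev.ts, ev.badge, "entered twice without exiting"))
            inside.add(ev.badge)
        elif ev.reader == PERIMETER and ev.direction == "out":
            if ev.badge not in inside:
                anomalies.append((ev.ts, ev.badge, "exited without a recorded entry"))
            inside.discard(ev.badge)
        elif ev.badge not in inside:
            # Inner door reached without badging through the perimeter.
            anomalies.append((ev.ts, ev.badge, f"used {ev.reader} without a recorded entry"))
    return anomalies


SAMPLE_LOG = """
2024-05-06T08:58:10 B1001 lobby-turnstile in
2024-05-06T09:02:44 B1001 server-room in
2024-05-06T09:03:01 B2042 server-room in
2024-05-06T09:10:30 B1001 lobby-turnstile in
2024-05-06T17:30:05 B3099 lobby-turnstile out
""".strip().splitlines()

if __name__ == "__main__":
    for ts, badge, reason in find_anomalies(parse(SAMPLE_LOG)):
        print(ts, badge, reason)
```

Each flagged line is a prompt to review the camera footage for that door and time, not proof of an attack: a held door for a forgetful colleague produces the same pattern.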
Hire Security Guards and Install Video Surveillance
The use of video surveillance throughout your building will help identify strangers, even if they successfully enter the premises. On the other hand, posting security guards at entrances not only offers better customer service but also prevents tailgaters from gaining access to your building.
Security guards also keep track of people entering the building and enforce the use of access IDs.
A hacker or other unauthorized person uses social engineering tactics like tailgating to manipulate victims into granting access to restricted areas. A tailgater can pose as an employee, a vendor, or a delivery person.
Organizations should train their security personnel and other employees to identify common tailgating techniques. When you notice someone unfamiliar, verify the person properly before letting them into the building.
Social engineering isn’t limited to tailgating. To learn about other attack types and their prevention mechanisms, check out our previous posts. Also, keep an eye on our future ones for more cybersecurity-related articles.