Cyber-attacks have increased exponentially in the last five years, and that is why every organization is investing heavily in its security. But these days, attackers are very smart: they keep finding new ways to exploit systems and gain access, and they have many attacks in their bag to try. One of the most popular is the social engineering attack.
Social engineering is a technique used by cybercriminals to manipulate an individual into providing confidential or personal information that can then be used for fraudulent activities. It is also commonly referred to as "hacking the human", because it involves manipulating people into handing over sensitive information or details. The lack of a cybersecurity culture makes social engineering attacks one of the most dangerous threats to the network. These attacks are executed through the first line of defense in the organization: the employees.
Now, there are many attacks that come under the social engineering umbrella, and tailgating (also known as piggybacking) is one of them. In this article, I will talk about tailgating attacks in detail.
What is a tailgating attack?
Tailgating is a social engineering attack in which the attacker gets inside a restricted area without proper authentication. It is also known as piggybacking. The tailgater simply walks in behind a genuinely authorized person to get inside the restricted area. It is one of the most innocent-looking and most common breaches in the hacking world. In this attack scenario, the cyber threat actor tries to trick an employee of the targeted company in order to gain access inside that company.
It is the act of using someone else to gain access to an area you are not authorized to enter. That is why this attack is a physical cyber-attack. There are many ways to tailgate. You can simply follow someone after they have tagged in, or pretend to be someone else and enter right after an individual has entered the premises. The simplest way to protect against tailgating is to verify an individual's ID before they enter the premises. A classic example of tailgating is an individual dressed up as a delivery driver, holding several boxes, waiting for someone to enter an office building. As soon as an employee tags in and verifies his/her identity, the attacker asks the employee to simply hold the door and gains access through the authorized individual. This example clearly shows that attackers plan a tailgating attack well in advance, as with other social engineering attacks.
Tailgating or Piggybacking
Piggybacking is a form of social engineering. It is the act of gaining access to an area that is normally sealed off by some type of access control system, such as badges, passcodes, biometric scans or things of that nature. Most of the time tailgating and piggybacking are considered the same kind of social engineering attack, which is almost right. Both of them are social engineering practices used to exploit human behaviour by riding on an authorized person's credentials to get into the restricted area.
The difference between the two terms is that piggybacking implies that the person who opened the door with their credentials knows that others are following them in through the secure door. Tailgating, in comparison, means that others follow through the door without the knowledge of the person who opened it. So, a piggybacker has the consent of an authorized person allowing them access, while a tailgater simply enters the premises without any consent.
How big is the risk of tailgating?
Tailgating is not a technical cyber-attack like a DDoS attack or phishing. This attack is physical, and it can cause a huge amount of damage to an organization through data breaches, data manipulation or theft, malware deployment, etc. The prime motive of a tailgating attack is always to steal confidential information for malicious purposes.
If the attacker succeeds in executing the tailgating attack, the losses can run into millions. There are several examples from the past where social engineering attacks like tailgating have cost large companies dearly. Barbara Corcoran, a judge on Shark Tank, lost $400K in 2020 to a social engineering scam. In 2017, the Ethereum Classic website was hacked, which led to the loss of thousands of dollars.
How to prevent tailgating?
These are the practices and methods you can implement to avoid tailgating attacks:
- Staff Education: Explain the risks of tailgating and why staff should never open the door for someone they do not know. The employee needs to be educated about such attacks.
- Reception Staff: Having a reception staff will help prevent unauthorized persons from entering the building.
- Photo ID Card: This card is given to the employees and the security guard can verify if the photo on the card is of the same person holding that card or not.
- Visitor Badges: Visitors and temporary employees should wear identification cards or badges to indicate they are authorized to be in the building.
- Video Surveillance: Cameras should be installed to record everything at all entries to the building. The staff monitoring the video can look for suspicious activity by any individual.
- Biometrics: The machine scans the employee's thumbprint and allows only the company's registered employees to enter its premises.
- Security Guards: It sounds obvious, but vigilant security guards can help keep tailgaters away.
- Avoid talking to strangers on office premises and allowing them to enter with your credentials.
- Always lock your system whenever you are away from your workstation.
There are further measures, such as multifactor authentication, smart cards, facial recognition, etc., to tackle tailgating attacks. These methods will help you keep the organization's workplace safe.
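The controls above are mostly about people and procedure, but the badge readers and door sensors they rely on also produce logs that a security team can monitor. The script below is an added example, not code from the original article or from any access-control vendor: it assumes a hypothetical access-control export in which badge reads and door-sensor events arrive as dictionaries with the fields shown, and it flags three classic tailgating indicators: a door held open much longer than one person's pass-through, a door that opens with no badge read shortly before it, and an exit read for a badge that never badged in (simple anti-passback). The thresholds and the sample log are constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumed thresholds (not from the article): a single pass-through should close
# the door within HOLD_OPEN_SECONDS, and a legitimate opening should follow a
# badge read on that door within NO_BADGE_SECONDS.
HOLD_OPEN_SECONDS = 8
NO_BADGE_SECONDS = 5

# Constructed sample log for one morning, two doors (D1 = lobby, D2 = server room).
BADGE_READS = [
    {"ts": "2024-05-06T08:00:02", "door": "D1", "badge": "B100", "dir": "in"},
    {"ts": "2024-05-06T08:00:40", "door": "D1", "badge": "B101", "dir": "in"},
    {"ts": "2024-05-06T08:05:15", "door": "D2", "badge": "B102", "dir": "in"},
    {"ts": "2024-05-06T09:30:00", "door": "D1", "badge": "B103", "dir": "out"},  # never badged in
]
DOOR_SENSOR = [
    {"ts": "2024-05-06T08:00:03", "door": "D1", "state": "open"},
    {"ts": "2024-05-06T08:00:07", "door": "D1", "state": "closed"},  # 4 s: normal
    {"ts": "2024-05-06T08:00:41", "door": "D1", "state": "open"},
    {"ts": "2024-05-06T08:00:55", "door": "D1", "state": "closed"},  # 14 s: held open
    {"ts": "2024-05-06T08:05:16", "door": "D2", "state": "open"},
    {"ts": "2024-05-06T08:05:19", "door": "D2", "state": "closed"},
    {"ts": "2024-05-06T08:20:00", "door": "D2", "state": "open"},    # no read nearby
    {"ts": "2024-05-06T08:20:03", "door": "D2", "state": "closed"},
    {"ts": "2024-05-06T09:30:01", "door": "D1", "state": "open"},
    {"ts": "2024-05-06T09:30:04", "door": "D1", "state": "closed"},
]


def _ts(s):
    return datetime.fromisoformat(s)


def door_open_intervals(door_events):
    """Pair each 'open' event with the next 'closed' event on the same door."""
    intervals, opened = [], {}
    for ev in sorted(door_events, key=lambda e: e["ts"]):
        if ev["state"] == "open":
            opened[ev["door"]] = _ts(ev["ts"])
        elif ev["state"] == "closed" and ev["door"] in opened:
            intervals.append((ev["door"], opened.pop(ev["door"]), _ts(ev["ts"])))
    return intervals


def read_just_before(badge_reads, door, t_open, window_seconds):
    """Most recent badge read on this door within the window before it opened."""
    best = None
    for r in badge_reads:
        t = _ts(r["ts"])
        if r["door"] == door and timedelta(0) <= t_open - t <= timedelta(seconds=window_seconds):
            if best is None or t > _ts(best["ts"]):
                best = r
    return best


def find_indicators(badge_reads, door_events,
                    hold_seconds=HOLD_OPEN_SECONDS, no_badge_seconds=NO_BADGE_SECONDS):
    """Return a list of finding dicts; each has a 'kind', 'door' and 'ts'."""
    findings = []
    # Rules 1 and 2: every door opening should be explained by a recent badge
    # read, and should not stay open long enough for a second person.
    for door, t_open, t_close in door_open_intervals(door_events):
        read = read_just_before(badge_reads, door, t_open, no_badge_seconds)
        held = (t_close - t_open).total_seconds()
        if read is None:
            findings.append({"kind": "open_without_badge", "door": door, "ts": t_open.isoformat()})
        elif held > hold_seconds:
            findings.append({"kind": "held_open", "door": door, "badge": read["badge"],
                             "ts": t_open.isoformat(), "held_seconds": held})
    # Rule 3: anti-passback. An exit read for a badge with no prior entry means
    # its holder got in without badging, possibly behind an authorized person.
    inside = set()
    for r in sorted(badge_reads, key=lambda e: e["ts"]):
        if r["dir"] == "in":
            inside.add(r["badge"])
        elif r["dir"] == "out":
            if r["badge"] not in inside:
                findings.append({"kind": "exit_without_entry", "door": r["door"],
                                 "badge": r["badge"], "ts": r["ts"]})
            inside.discard(r["badge"])
    return findings


if __name__ == "__main__":
    for f in find_indicators(BADGE_READS, DOOR_SENSOR):
        print(f)
```

On the constructed log the script reports three findings: the lobby door held open for 14 seconds after B101's read, the server-room door opening at 08:20 with no read in the preceding five seconds, and B103 badging out of a building it never badged into. Each finding gives the reviewer a door and a timestamp, which is exactly what is needed to pull the matching camera footage recommended above. Real deployments need to tune the thresholds per door, since a loading-bay door legitimately stays open far longer than a lobby turnstile.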
Tailgating Attack Techniques
Understanding the methods attackers use to carry out attacks is the first step in preventing cyber-threats. Employees will be able to stay ahead of tailgaters by understanding the "how".
Tailgating Employees Through Open Doors
It is a common practice in a corporate environment to open the door for those behind you. This act of kindness could allow a malicious hacker to gain access to the company’s resources.
Tailgaters are always looking for ways to slip into buildings behind employees. Although the attack may not have begun in cyberspace, cybercriminals can gain more ground by gaining access to restricted areas.
Unlocked computers, thumb drives left unattended and open doors into server facilities are all potential sources of data breaches.
Pretending to be a Courier
An attacker could pretend to be a courier delivering a package, or pose as a delivery driver or repair worker, in order to gain access.
If the receptionist or security staff are not vigilant, an attacker could gain access to the company's delivery area and slip into a restricted area from there.
The “Hands Too Full” Trick
Attackers may carry multiple packages in their hands to gain entry to their target building. This is similar to the delivery-person disguise. Without realizing it, your employees can harm the company through their natural instinct to help strangers.
The Forgotten ID Scam
An attacker may pretend to be an employee of your company who has misplaced their access ID.
You must make sure that your employees are trained not to allow strangers into your office. Even though they might be familiar with pretexting and other tricks, trespassers could still manage to get into your office building. They might even gain the trust and confidence of employees, tricking them into opening the doors or handing over their ID.
There can be thousands of people in an organization, and not everyone knows everyone else. Someone claiming to be "Judy" from accounting who knows "Kyle" from marketing could convince an employee to trust them, even though the employee does not recognize their face.
The “I Have an Appointment!” Pretense
Similar to the case above, a little research into a company's employees can help a trespasser "have an appointment with Kyle from marketing regarding a new outsourced job." This can convince security or the receptionist to allow them access to the building.
Stealing Passwords and Pins by Standing Behind Someone
Have you ever had someone stand behind you while you typed a password or PIN? This is known as "shoulder surfing": the attacker watches over the victim's shoulder without being noticed, memorizes the password or PIN, and uses it later.
Tailgating Cyber Attack Example
Social engineering is a method attackers use to manipulate victims. Tailgating is similar to email phishing: to succeed, it relies on a natural act of kindness, an element of urgency, the strangeness of the situation, or a combination of all of these. Here is an example of high-profile tailgating:
Yujing Zhang, a Chinese woman, was stopped at Donald Trump's Mar-a-Lago club in 2019. She claimed she was there for a swimming event, although no such event was scheduled. She also used the language barrier to confuse the security guards. Secret Service agents searched her and found multiple devices, including a thumb drive containing malware. They also found two Chinese passports.
Social engineering attacks like tailgating exploit people: the attacker claims to be an employee, vendor, or support person in order to trick the employee. People are trusting and willing to help others, and attackers use that to their advantage by deceiving users into revealing information that compromises data security. Traditional protection from malware and viruses will not protect you from a tailgating attack. Once attackers gather bits and pieces of information about the organization, they can put the puzzle together and exploit the business. So, beware of tailgating attacks!