What is tailgating and how to protect your company
Protection and defense against cyberattacks have become the focal point of IT security, overshadowing other threats, such as tailgating. However, it’s important to remember that physical security can also be compromised. Tailgating, in particular, poses a significant danger. Unlike scamming, tailgating attacks take place offline and don’t rely on advanced technologies. They can, however, be just as harmful.
What is tailgating?
Similar to phishing, vishing and smishing, tailgating is also a form of social engineering. In this type of attack, a person who is not authorized to go through a secured entrance or checkpoint closely follows an individual who is authorized to do so in order to gain access to a restricted area. The term “tailgating” in its original meaning refers to a vehicle that closely follows behind another vehicle.
In the context of social engineering, tailgating refers to someone who follows closely behind another person that is authorized to go to a restricted area that they want to gain access to. By staying close to the person and entering the area directly after them, they are able to bypass security without being noticed. These types of attacks can occur in office buildings, data centers, hospitals and other security-critical environments. The objective behind such an attack is to steal confidential information or install malicious software.
How are tailgating attacks carried out?
Tailgating attacks are usually simple and rely on predictable human behaviors, such as someone holding a door open out of politeness. Often, attackers engage in a brief conversation with the person that they want to follow in order to establish a semblance of trust. Tailgating is, in essence, a form of deception that takes advantage of a person’s trusting nature. Below are the basic steps that are typically involved in such an attack:
- Identify the target: The attacker selects a building or area they want to enter.
- Blend in: The person behaves in a way that makes it seem like they belong there.
- Seize the opportunity: The person waits until an authorized person opens the door.
- Gain access: Once inside the secured area, the attacker can carry out various harmful actions.
It’s important to keep in mind that tailgating techniques are as diverse as they are bold and can vary significantly depending on the target. The most common tactics are:
- The forgetful employee: The attacker pretends to have forgotten their access badge and asks an employee to let them into the building.
- The emergency: The person pretends to have an emergency to gain access to the victim’s mobile device. Once they have the phone, they redirect it to malicious websites where malware, such as spyware, is downloaded.
- The delivery person: The person poses as a delivery driver. Carrying heavy or bulky items, they wait for someone to hold the door open for them.
- The intern: The intruder pretends to be new to the company and acts as if they are looking for a specific office.
- The preoccupied person: The person fakes a phone call or another type of distraction to give the impression that they are busy and belong to the organization or facility.
- The visitor: The person claims to have an appointment with a real employee and is let into the building based on a sense of trust.
- The false identity: Using a forged or stolen ID, the intruder attempts to deceive security personnel or electronic security systems.
- The distraction: An accomplice distracts security personnel or employees while the perpetrator sneaks into the building.
An example of how tailgating works
By looking at an example, it becomes easy to understand how effective and dangerous tailgating can be, especially when people ignore security protocols or don’t question peoples’ motives. The example below will show how important it is to exercise caution in specific areas of a building at all times. Doing so will help to prevent these attacks from happening.
The headquarters of a large bank is equipped with the latest security technology and has a security guard at its main entrance. A tailgating attacker has identified the building as a target and wants to gain access to the bank’s internal systems to steal confidential information. The attacker has already discovered that external IT technicians go to the headquarters to perform maintenance tasks every Thursday. The attacker gets a uniform that resembles that of the IT technicians and creates fake documents and IDs.
The next day, the attacker approaches the bank headquarters. To appear authentic, they are carrying a toolbox. At the entrance, they encounter the group of real IT technicians. Seizing the opportunity, the person joins them, pretending to be a part of their team. Visually fitting in with the group of IT technicians, they are able to enter the bank without anyone noticing or stopping them as they follow after the others. Inside the building, they ask an employee for directions to a specific server room, claiming to be new to the team. The employee shows them the way. In the server room, the person connects their laptop and begins extracting confidential data. Once they have gathered enough information, they leave the building unnoticed. Through simple tailgating, the attacker was able to discreetly gain physical access to a high-security area and steal valuable data.
How to protect your company against tailgating
When it comes to effectively preventing tailgating attacks, relying on technical solutions is not enough. Tailgating is considered a Layer 8 problem, meaning that human error poses the greatest risk with this kind of security threat. That’s why it’s crucial to also set up measures to increase employee awareness. Below are some things you can do to protect your company:
- Training: Employees should be informed about the risks of tailgating and trained on how to recognize attacks early.
- Cameras: Surveillance cameras can deter criminals and also provide a way to investigate tailgating attacks after they have occurred.
- Two-factor authentication: A system that requires both an ID card and a PIN or a biometric feature (for example, a fingerprint) can reduce the risk of tailgating.
- Physical barriers: Turnstiles, airlocks or revolving gates that allow only one person to enter at a time make it more difficult for criminals to gain access to somewhere unnoticed.
- Visitor management: Guests and external service providers should be registered upon entering the building and required to wear a visitor’s badge that is visible at all times.
- Regular security inspections: Conducting regular checks and tests of security measures help to identify vulnerabilities that may be present.
For effective protection against tailgating, it’s essential to secure IT systems as well. This includes regularly updating software, carrying out backups following the 3-2-1 backup rule and using secure passwords.
- Ransomware attack protection
- Regular virus and malware scans
- Automatic backups and simple file recovery