What is a Tailgating Attack?

A tailgating attack is a physical security threat in which an attacker gains access to a secure area. This is accomplished by following someone with legitimate access to the space, such as an employee.

 

Read the Forrester Wave™ Report Request a Demo

How Does It Work?

Tailgating is a common form of social engineering attack. Social engineering attacks use trickery, deception, or coercion to induce someone to take actions that are not in the best interests of themselves or the organization.

A tailgating attack can use various methods to provide the attacker with access to the secure area. The attacker might trick an employee into thinking that they have legitimate access, follow them through an open door without their knowledge, or use bribery or other coercion to get them to open the door.

The Threat to an Organization

Tailgating is primarily a threat to an organization’s physical security. A successful tailgating attack enables the attacker to bypass the organization’s physical defenses (locked doors, fences, etc.) and gain access to a restricted area.

This physical access can pose various threats to an organization. Some examples include:

  • Device Theft: An attacker can steal computers, mobile phones, and other devices and items that are located within the restricted area. These stolen items could be sold or used to carry out follow-on attacks.
  • Data Theft: Employees may leave sensitive documents on their desks, or their computers unlocked within a secure area. An attacker with physical access may be able to steal sensitive information from the organization.
  • Compromised Devices: Physical access to a device can enable an attacker to bypass software-based defenses against cyberattacks. Tailgating attacks can provide this access, allowing an attacker to install ransomware, keyloggers, or other malware.
  • Sabotage: An attacker with access to an organization’s devices and other infrastructure can potentially sabotage their operations. These destructive actions could be permanent or intended to be temporary and used to hold the organization for ransom.

Common Tailgating Methods

Tailgating attacks are commonly performed via trickery. Some of the more common pretexts that tailgaters use include:

  • Lost/Forgotten ID: A tailgater may pretend to be an employee that has lost or forgotten their employee ID at home. They would then ask an employee entering the building to let them in as well, “just this once.”
  • Delivery Driver: The issue with masquerading as an employee is that the legitimate employee might not let in anyone that they don’t recognize. Another common pretext is to pretend to be a delivery driver carrying a load of packages.
  • Hands Full: Whether or not they’re pretending to be a delivery driver, a tailgater may deliberately have their hands full when approaching the door to the secure area. People are more likely to hold the door for someone who looks like they are struggling.
  • Open Doors: An employee might prop a door open for some reason. A tailgating attacker can take advantage of this to gain access to the secure area.
  • Copied ID: If an attacker can steal a user’s ID or device, they may be able to copy the credentials used to unlock the door to the secure area. This would allow the attacker to masquerade as a legitimate employee and gain access.

How to Protect Yourself from Tailgating Attacks

Some of the ways that companies can protect themselves against these attacks include the following:

  • Employee Training: Training employees not to hold open doors can help to protect against tailgating attacks. Employees should always require other employees — even those that they recognize — to badge themselves in.
  • Physical Defenses: Companies can protect against tailgating via physical defenses such as turnstiles or access control vestibules. These only allow one person through at a time, protecting against tailgating.
  • Access Controls: Biometric access control systems identify employees based on unique physical characteristics. This protects against tailgating and stolen/copied IDs.
  • Monitoring Systems: Video surveillance or security guards can help to detect, prevent, and deter tailgating attacks.

Protecting Against Social Engineering with Check Point

Tailgating is a social engineering threat targeting physical access to an organization’s secure areas. Using trickery, deception, coercion, or other means, an attacker may be able to bypass physical defenses and gain access to an area where they can carry out other attacks. However, tailgating is only one of many social engineering threats that an organization faces. To learn more about the various social engineering threats and how to manage them, check out this eBook.

 

The biggest social engineering threat that most organizations face is phishing, which uses email and other messaging systems to steal sensitive information and deliver malware. To learn more about how to protect your organization against phishing attacks, sign up for a free demo of Check Point Harmony Email and Collaboration.

 

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK