In the world of information security, there is a certain culture of appreciation for hacking skills. Kernel hackers, for example, are highly respected because finding vulnerabilities hidden within millions of lines of code is not an easy task. Two other hacking activities that rank pretty high on the underground totem pole are social engineering and physical penetration testing.
Hackers who are able to breach data networks by physically breaking into server rooms, ideally through a few social engineering techniques, are considered to be at the top of their game; they garner respect in the cyber crime world because they dispense with the relative safety of being behind a computer screen, and they actually come into close contact with their targets.
Defeating physical security used to be a main technique used by hackers to breach networks. Things later changed in the computer underworld, and hackers started taking pride in their ability to penetrate systems from remote locations and without leaving a trace, but it seems as if we are coming full-circle in this regard.
In 2008, for example, a data center in Chicago was subject to an armed robbery incident whereby the perpetrators were only interested in taking specific servers. This robbery was hailed in underground internet forums as the return of “physical penetration testing.”
Over the last few years, SynchroNet security specialists have been observing a growing nexus between cyber and physical security. In essence, some hackers are becoming frustrated with increased digital security, and they see physical penetration testing as a viable methodology to get what they are after.
If a cybercrime group has unsuccessfully tried to breach a network through Trojan horse attacks or even root kits, their next logical step would be to try phishing or social engineering. If that fails, they will look into the possibility of actually breaking into the facility where the target servers are located.
Most hackers will try to stay away from using brute force when breaching physical security. Most of the time, they will look at the possibility of defeating security measures such as cameras, sensors, locks, and even guards; this is known as physical penetration testing. If they see that the crime at hand it’s still too difficult, they will look for other ways to breach the physical realm, and this is when social engineering may come into play.
Hackers see social engineering as a form of art that involves impersonation, manipulation, and deceit. Let’s say a cybercrime gang wants to steal a private cloud server from a law firm; if the last piece of their physical security puzzle involves a PIN code to unlock the door to the server room, they will likely try to get it from someone in the office through bogus phone calls or email messages.
In this particular example, they may impersonate a technician who is in charge of repairing digital locks. They may even resort to dumpster diving which is basically looking through the trash for discarded documents containing usernames, passwords, or PIN codes.
With all the above in mind, it only makes sense that physical and cyber security are gradually merging. We can no longer give preference to one over the other. At SynchroNet, when we design security plans for our clients, we take into consideration all the physical aspects of facilities that could be subject to “physical hacking” or social engineering.
If all your digital assets are in the cloud, and if they are protected with strong passwords, data encryption, and full backups, your physical security requirements will not be as extensive as if you keep servers and workstations in the office. At any rate, adequate cybersecurity begins with proper physical security. If you are in need of assistance with planning network security for your business, please contact our office today so that we can figure out the steps you should take.