Add on of Physical Security for the
Vulnerability Assessment and Penetration Test service
We comprehensively test
the physical security of your company
Some of the physical security services offered
With encounters that may seem casual, requests for help that point to empathy, or verbal scams, social hackers can have important information about the company revealed. Not necessarily sensitive information like passwords, but also information about the company structure that can then be used to carry out the attack.
Large companies, which have tens or hundreds of employees, perhaps divided into different locations, should pay close attention to the information that is communicated by telephone. There are known cases of hackers who, pretending to be new employees from other offices, managed to have access passwords or security codes revealed.
These techniques fall within the field of phishing , for which we have a dedicated service. These are emails, web pages or otherwise websites that look like legitimate portals, but are instead the work of hackers, who through these copies are able to trick users into downloading malware or entering their credentials.
How to prevent
Rogue Access Point installation
Capture of sensitive data on the network
Man in the Middle refers to a type of attack in which the hacker retransmits or alters messages between two users or machines, obtaining sensitive data from responses.
Similar to Man in the middle attacks, the sniffing of a wifi network intercepts packets between connected computers and the access point and then tries to decrypt them to obtain sensitive data.
Network tampering, Tailgating, Shoulder surfing
Businesses are connected to the telephone and internet networks like any other building. If you can have access to the control units and therefore to the physical connections of the cables, it is possible to install data interception devices passing through a specific cable. Access to the cable can take place by forcing or by using tailgating.
This technique, widely used in the London and New York subways, consists in entering a building by queuing up with an employee and taking advantage of the very short period of time in which the door is closing to avoid using bells or badge. Once inside, the possibilities of attack become manifold.
This technique involves spying on a user who types a password or access code and then re-uses it later. For example: If company doors are protected by a code, it may be easy to wait for an employee to enter it and look at what digits make up the code.
Contact us for more information
Estimated reading time: 5 minutes With the advent of big data platforms, IT security companies can now make guid… https://t.co/aTv41eq2Ir
Estimated reading time: 5 minutes Ogni anno cresce costantemente il numero di attacchi che minacciano la sicurezz… https://t.co/e1g9VBSYq9
Estimated reading time: 5 minutes Every year the number of attacks that threaten the security of devices, comput… https://t.co/MnoEKRNMwk
Estimated reading time: 7 minutes Il vishing è una particolare tipologia di phishing che sfrutta la tecnologia Vo… https://t.co/q9OO03jSHj
Estimated reading time: 5 minutes Come abbiamo già affrontato precedentemente negli scorsi articoli, i ransomware… https://t.co/O8xUUJocYc