Cyber & Physical Security Gaps In The Workplace – What You Need To Know

Digital technology should do more to prevent physical break-ins because once an attacker gains access to your hardware – it’s game over.

How attackers exploit the cyber and physical gaps in your security to wreak havoc on your infrastructure

What we’ve learned in the last two years is that criminals took advantage of empty workspaces to do the old-fashioned break-and-enter, completely bypassing border protections on the network. It is alarming how securing physical spaces has been overlooked in favor of cyber defense when the smart play is the convergence of both. 

Digital technology should do more to prevent physical break-ins because once an attacker gains access to your hardware – it’s game over. Here’s how attackers exploit the cyber and physical gaps in your security to wreak havoc on your infrastructure, according to Resolver.

Examples Of Physical Threat Vectors Compromising Digital Security

  • An infected USB drive is planted in the office which an employee picks up and loads onto the network.
  • An attacker breaks into a server room and installs rogue devices that capture confidential data.
  • The internet drop line is accessible from outside of the building, allowing an attacker to intercept data or cut the line completely.
  • An attacker pretends to be an employee and counts on a real employee’s courtesy to hold the door for him as they enter together.
  • An inside actor looks over the shoulder of a system engineer as they type administrative credentials into a system.
  • An attacker sends a small device through the mail, the size of a business card, to transmit signals that compromise your network. Security experts call this tactic “warshipping”.

Examples Of Physical Attacks Enabled By Cybersecurity Gaps

  • An attacker shuts down internet-connected security cameras or deletes footage, allowing a break-in to go undetected.
  • The internet-facing keycard access system is compromised, allowing an attacker to grant or remove physical access to the building.
  • Network-connected manufacturing systems can be attacked and shut down, causing loss of productivity or a safety incident.
  • CPU-intensive malware can be loaded onto a server cluster which spikes power consumption, resulting in overheating, brownouts, or a total loss of power.
  • Ransomware on a hospital network can prevent physicians from accessing patient records and delivering necessary care.

     

Physical Threats Enabled By Digital Security Vulnerabilities

Interconnected and cloud-based security systems have caused some organizations to unknowingly expose themselves to risk. By opening their controls up to network-based attacks, these organizations allow attackers to remotely disable physical controls and gain physical access to systems containing confidential data.

This type of digital attack is usually aimed at industrial and manufacturing operations, where network-connected Industrial Control Systems and Programmable Logic Controllers govern automated manufacturing. 

While these systems have traditionally been in closed-circuit configurations, the rise of automation and software-defined processes has pushed these systems onto corporate networks – or, in the worst cases, onto the worldwide web!

An attacker who gains control of machines weighing thousands of pounds could potentially misuse them to cause incredible destruction and endanger human lives.

The Best Defense Is Convergence

Physical and cybersecurity convergence brings together networks, applications, security systems, and people doing practical things to secure both environments. Below are recommendations for securing the physical and cyber world through the convergence of tried-and-tested analog mechanisms and digital automation.

  • When feasible, don’t connect your physical security controls to a network or cloud, and especially not to the public internet. Obviously, this is going to come at a cost of convenience and functionality, but if your buildings don’t require a complex network-based access system, don’t implement one.
  • If your cameras don’t need to be accessible from outside the building, don’t put them on the internet; if only a few people ever need to access the server room, consider locking it with a traditional key or combination-lock pad rather than a badge system that could be compromised.
  • Create and enforce a policy requiring employees to take their laptops home every night. This strategy will reduce the likelihood of both theft and unauthorized access, as well as minimizing impact in the event of an overnight disaster at the office.
  • If your business is in manufacturing or industrial markets, heavily scrutinize and evaluate plans to connect equipment to a network prior to execution. Ensure that any business case for doing so will outweigh the considerable risk of putting these systems on a network.
  • When performing risk assessments and control designs, always factor in a scenario where an attacker has gained physical access to the building and is standing in front of the system or device. How will you stop them from causing real damage?
  • Disabling unused ports, locking servers into racks (and bolting the racks to the floor), MAC address whitelisting, and wireless site surveys don’t require much effort and will go a long way in adding another layer of defense.
  • Implement multi-factor authentication (MFA) wherever it’s reasonable to do so. This includes WiFi connections (or 802.1X for hardwired devices), accessing email from outside the building or on a new device, and logging in to production systems, both on-premises and in the cloud. Even if an attacker gains physical access to the building and boots up a computer, MFA will prevent them from logging into the system, and in a best-case scenario, will generate an alert that can be forwarded to the security response team.
  • Equip spaces with intrusion detection systems that can sound the alarm on malicious entry.
  • Innovative mail screening technology is scalable and safe, and gives greater visibility into smaller threats in the workplace.
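
The port and MAC address recommendations above can be checked automatically. The following is an added example, not code from the original article or from Resolver: it audits a switch snapshot for enabled ports with nothing attached and for devices missing from a MAC allowlist. The port names, MAC addresses, and snapshot layout are constructed for illustration.

```python
import re

# Constructed allowlist of known device MACs (assumption: exported from asset inventory).
ALLOWED_MACS = {"00:11:22:33:44:55", "00:11:22:33:44:66", "00:11:22:aa:bb:01"}

# Constructed switch snapshot: (port, admin state, MACs learned on that port).
PORT_SNAPSHOT = [
    ("Gi1/0/1", "up", ["0011.2233.4455"]),        # dotted vendor notation
    ("Gi1/0/2", "up", ["00-11-22-33-44-66"]),     # dashed notation
    ("Gi1/0/3", "up", []),                        # enabled, nothing attached
    ("Gi1/0/4", "up", ["DE:AD:BE:EF:00:01"]),     # not in the allowlist
    ("Gi1/0/5", "up", ["00:11:22:AA:BB:01", "02:00:00:00:00:09"]),  # extra device behind a known one
    ("Gi1/0/6", "down", []),                      # already administratively disabled
]

def normalize_mac(raw):
    """Return a MAC as lowercase colon-separated hex, whatever notation the switch used."""
    digits = re.sub(r"[:.\-]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit_ports(snapshot, allowed):
    """List (port, issue, mac) findings for unused-but-enabled ports and unknown MACs."""
    allowed = {normalize_mac(m) for m in allowed}
    findings = []
    for port, admin_state, macs in snapshot:
        if admin_state != "up":
            continue  # disabled ports already follow the recommendation
        if not macs:
            findings.append((port, "unused-but-enabled", None))
            continue
        for mac in map(normalize_mac, macs):
            if mac not in allowed:
                findings.append((port, "unknown-mac", mac))
    return findings

if __name__ == "__main__":
    for port, issue, mac in audit_ports(PORT_SNAPSHOT, ALLOWED_MACS):
        print(f"{port}: {issue}" + (f" ({mac})" if mac else ""))
```

MAC addresses can be cloned, so an allowlist check like this is one layer alongside 802.1X rather than a replacement for it.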

     

Bridging The Gap Between Physical and Cyber Security

A well-integrated security architecture connects the physical and cyber worlds through intelligence sharing, visibility, control, and automation. Protect your organization from malicious intruders, both virtual and physical, and ensure that your infrastructure is not compromised.
