What is Tailgating in Cyber Security?

A few years ago, a security professional tried an experiment. His name was Colin Greenless. Colin pretended to be an IT consultant to gain access to a FTSE-listed financial services company. The ruse he pulled off is known as tailgating, a low-tech social engineering attack that can be as damaging as a cyber-attack. Colin planned out the attack meticulously, gathering intelligence on his target. Once he had the information needed to exploit the target, he applied clever psychology, playing on people's willingness to help and do a good job. By manipulating people, Greenless convinced staff to hand over their login credentials. Greenless performed this test to demonstrate to the target company how easy it was to access their computer network. But in real life, tailgating is no test; it causes actual harm to the organizations that fall victim to criminals using the technique.

Protecting employees against cyber-attacks is essential, but understanding how other social engineering tricks like tailgating work, and how they can be prevented, is just as important. TitanHQ delves into the world of the tailgater to explain what this low-tech cyber threat looks like and how security awareness training can help prevent it.

How Does Tailgating Work?

You may have already heard the term "tailgating" in the context of driving. In this scenario, a vehicle behind your car pulls up too close, preventing you from safely stopping. In the context of security, tailgating describes someone overstepping personal space to gain entry or information that would otherwise be off-limits. Tailgating uses social engineering tricks to obtain this entry or information. Once the tailgater has access, they will steal data, install malware or ransomware, or perform other nefarious deeds. As such, tailgating can be considered low-tech hacking, often combined with cyber techniques to cause harm to an organization.

Did You Know?

  • 92% drop in phishing susceptibility with SafeTitan
  • 62% of employees share passwords
  • $10.5 trillion estimated global cybercrime cost
  • 82% of data breaches involved a human being

The Outcomes of Tailgating

Apart from the apparent violation of employee trust, tailgating is used to cause various harms:

Unauthorized Access

Tailgaters often attempt to gain access to computers or other devices. They may obtain this by tricking employees into sharing their passwords, as 34% of employees share passwords with coworkers. Also, the attacker could ask to share a password of a less sensitive app only to use it with an app that holds customer or employee data; more than half of employees will reuse the same password for all work-related accounts.

Theft

Tailgating can lead to the theft of computers and other devices. The attackers could also steal personal items from employees.

Data theft and Exposure

If a tailgating attacker can access a computer, they could potentially gain access to sensitive data. The attacker may be able to leverage login credentials that can then be used to escalate privileges. Any available data can then be exfiltrated and used to commit further crimes, harm the company's reputation, or be sold on to cyber criminals. The theft and exposure of data also lead to non-compliance fines.

Malware and Ransomware Installation

Access to computers and networks allows a criminal to install harmful malware like ransomware. Keyloggers can also be installed and used to send further login credentials and other sensitive data to the criminal once they have left the building. This leaves the door open to carry out remote cyber-attacks.

Industrial Espionage and Sabotage

Industries like manufacturing are especially susceptible to industrial espionage and sabotage, but this can occur in any company. Industrial espionage often requires the theft of sensitive and proprietary information. Cyber-attacks are one method of obtaining this data, but tailgating can be another way to steal proprietary information.

Danger to Employees

Tailgaters are intruders and could pose a risk to employees.

Typical Tricks Used During Tailgating

Tailgating can use various tricks and manipulation to gain unauthorized entry or obtain information, like login credentials. However, some of the more common methods used in tailgating include the following:

  • Walking behind you as you enter a restricted area, gaining entry without entering a key code or access card.
  • Pretending to take a call to avoid speaking with a security guard (a tactic used by Colin Greenless).
  • Wearing the uniform of someone who regularly enters the building, like a delivery person.
  • Playing on people’s willingness to help, e.g., having your hands full so you can’t open a door, then getting a member of staff to use their entry code for access.
  • Copying or faking an ID card.

34% of employees share passwords with co-workers.

How is Tailgating Linked to Social Engineering?

Tailgating involves many methods and limitless tactics that open doors for attackers. However, manipulating human behavior is essential to a successful tailgating attack. Social engineering, i.e., using deception to encourage people to perform an action that benefits an attacker, is central to tailgating.

Tailgating may be a low-tech attack method, but, like its cyber cousin phishing, it takes advantage of human behaviors. Tailgaters manipulate people into opening doors and sharing passwords by exploiting behaviors like group conformism and paying it forward (you do me a favor, and I'll do the next person a favor). People act in specific ways to keep the status quo. People like to help, keep work on an even keel, act in synchronicity with coworkers, and lend a helping hand. Tailgaters socially engineer employees into thinking they are coworkers, delivering an essential package, or needing help understanding an app. As such, being able to manipulate people is a core tactic of tailgating.

In the real world, tailgating breaches often lead to physical or digital harm to an organization. For example, in 2019, a woman accessed a restricted area of the Mar-a-Lago Trump Resort using social engineering tactics. The woman entered the premises carrying mobile devices, a laptop computer, and a thumb drive containing malware. The woman pretended not to speak English well and misunderstood questions from security staff; consequently, she was admitted without question.

How can TitanHQ Prevent the Damage from Tailgating?

Unauthorized access is not just an issue for cyber security; it is a general problem that requires a human-centric solution. Tailgating exploits human behavior. To counteract tailgating, a company's training must include the techniques and tactics used by criminals who exploit physical attack methods. These physical methods often lead to the same outcomes as a cyber-attack, like malware infection and data theft. Therefore, training employees to identify tailgating is as important as training them to identify any cyber threat.

TitanHQ provides a comprehensive security awareness training program covering all security aspects, including social engineering. SafeTitan provides social engineering training that teaches employees how to identify attempts to manipulate them into performing tasks that would benefit a criminal. SafeTitan is a behavior-led security awareness solution tailored to help individuals focus on their strengths and adjust to weaknesses. With regular tailored training, an employee can identify and stop a criminal's manipulative efforts using tailgating tactics.

SafeTitan also helps employees understand how a clean desk or lock screen policy can help prevent tailgating.

Security awareness training for staff will help prevent a successful tailgating attack alongside security measures such as security audits, CCTV surveillance, and robust physical access controls.

Jennifer Marsh
