Not all cyber threats require a computer or technology, despite what one would assume. McAfee states that while “most of us know to take precautions when online — protecting ourselves from things like phishing attacks and other cyber threats — we should also attend to our physical security” as well as our situational awareness. For example, shoulder surfing is an attack in which the threat actor simply watches the victim’s keyboard from over their shoulder in order to steal their login information or other data. It is a rather simple type of attack, which makes it rather easy to forget about during day-to-day life. Another such attack that can harm our cybersecurity by thwarting or circumventing our physical security is tailgating.
What is Tailgating?
A tailgating attack is one in which the attacker “gets physical access to a business to take confidential information or do other harm” (McAfee). At first glance, tailgating sounds much like breaking into a location to steal or cause mischief, but it is a bit more nuanced than that. Usually, tailgating involves taking advantage of a lack of physical security. The most well known type of tailgating attack “involves sneaking into a prohibited place behind a person who is authorized to enter” (Fortinet). In many cases, well-meaning people will often hold doors open for the people behind them without a second thought, even when on their company’s property. Little do they know that the person behind them is a threat actor who is not supposed to be in the building.
Alternatively, someone may wait until you enter a locked door and then quickly catch the door before it can shut and lock without you even realizing. Or, an attacker may wait to see if someone neglects to lock a particular door or window after opening it as a means of “gaining access to a restricted area” (Stouffer). Particularly crafty attackers may manage to get into restricted areas “by impersonating someone with proper access”, ranging from delivery handlers, to employees, to building inspectors (Stouffer). Unfortunately, some individuals will even go as far as attempting such things to unsuspecting individuals in their own homes, which is why it is important to remain vigilant and skeptical no matter if you are at home or in the office.
McAfee outlines some of the common ways that tailgating attacks are carried out in a company or worksite setting:
Someone walking behind you into a secure area, depending on your common courtesy to keep the door open for them
A courier or delivery driver who aren’t what they seem
Someone with their hands full of items to trick you into opening the door for them
A person who claims they’ve lost their work ID or forgotten it at home, so that you grant them admittance.
MacAfee
In some cases, tailgating attacks are paired with social engineering, as described by Fortinet in the below examples:
The intruder asks someone to “hold the door”: A perpetrator may pretend to be a coworker and ask someone entering a building to hold open a door. To reinforce the impression that they are indeed a fellow employee, the attacker may say they have forgotten their ID card, hang out in easily accessible break areas, or even strike up a conversation with real employees. In this kind of attack, tailgating also involves social engineering because the attacker is manipulating the target.
…
The attacker borrows a device: An attacker may ask to use an employee’s laptop or smartphone, saying that their battery is dead, for example. The attacker then installs harmful software or copy the victim’s credentials.
Fortinet
Dangers of Tailgating Attacks
While some threat actors will attempt a tailgating attack on an individual, companies and organizations “are often the most at risk for tailgating attacks” (Stouffer). This is likely because it is, in some ways, easier to perform this type of attack on a company or worksite as opposed to someone’s private home. McAfee states that companies “with many employees, often moving inside and out of the premises, with multiple entrance points into a building, that receive deliveries of food, packages, documents, and other things regularly, that have many subcontractors working for them, [or]where employees aren’t thoroughly trained in physical and cybersecurity protocols” are the most susceptible to tailgating attacks.
There are a variety of dangers that tailgating attacks pose. If an attacker is able to successfully tailgate into a building or restricted area, they can “steal sensitive information, damage property, compromise user credentials[,] or even install malware on computers” (McAfee). A disgruntled former employee may decide to take a sledgehammer to the company servers, a crafty hacker may sneak a malicious USB drive onto someone’s desk, or a thief out for money may steal a company’s technology or equipment. No matter the perpetrator or the motive, tailgating can pose a great nuisance for a company, which is why it is important to know how to stay safe.
How to Stay Safe from Tailgating Attacks
As mentioned previously, having good situational awareness is a great way to thwart tailgating attacks. It is extremely important to “be aware of your surroundings when entering a restricted area. You can do this by looking around before unlocking the entrance, closing the door behind you, and ensuring nobody tries to sneak through” (Stouffer). These three steps are simple yet extremely effective in stopping a tailgating attack in its tracks. Furthermore, it is important to remember that “[if] you ever come across a stranger or any suspicious behavior in your day-to-day activities, it’s best to report the individual to the appropriate team members” (Stouffer).
Beyond situational awareness, there are various security measures that can be put into place to help prevent (or mitigate the effects of) tailgating. For example, “fully staffed reception areas with dedicated security personnel could also be part of a larger security system” and can help discourage tailgating (McAfee). Additionally, Fortinet describes three commonly-used security measures below:
Use physical barriers: Turnstiles are excellent for places with a lot of traffic because they only allow one authorized person through at a time.
Use a video monitoring system: You can recognize tailgating situations as they happen by watching live video footage. When more than one user enters using a single credential, you can see when the intrusion happens.
Use sensors that count the people entering and leaving the premises: With this system in place, you get automated notifications as tailgating incidents happen because it can detect multiple people entering despite only one with access credentials.
Fortinet
McAfee also suggests that companies incorporate “artificial intelligence (AI) and video analytics” into their security camera systems “to scan the faces of people entering and compare them to a database of employee features”, which can further increase the security of a location (McAfee). However, this sort of measure should be thoroughly tested to limit the amount of false positives and negatives produced by the AI. Furthermore, incorporating AI into a surveillance system could raise potential privacy concerns depending on how much data the AI model is trained to collect.
Finally, using “smart badges and cards to access restricted areas” or even biometric fingerprint/face scanners “can help cut back on unauthorized intrusions and provide better access control” to a given location(McAfee). Keycards make it much harder for someone to tailgate their way into a building and can often be configured to permit varying levels of access (such as access only during certain times or only to certain rooms). However, it is important that all employees- regardless of keycard access or level in the company– are aware of the threat of tailgating to ensure that this security measure is not circumvented.
Resources & Further Reading
Fortinet. “Tailgating Attack: Examples and Prevention.” Fortinet, Fortinet, Inc, www.fortinet.com/resources/cyberglossary/tailgating-attack.
McAfee. “What Are Tailgating Attacks and How to Protect Yourself from Them.” McAfee Blog, MacAfee LLC, 20 Oct. 2022, www.mcafee.com/blogs/internet-security/what-are-tailgating-attacks/.
Stouffer, Clare. “What Is a Tailgating Attack + How to Protect Yourself – Norton.” Us.norton.com, Gen Digital, Inc., 13 June 2023, us.norton.com/blog/emerging-threats/tailgating-attack.
The H.A.C.K.E.R. Project 
Leave a comment