February 19, 2007 at 15:13Smokers undermine information security
Where the smoker - there is an open door. A total ban on smoking in offices makes nicotine-addicted computer people run outside. The back door is left open for them. According to British experts, social hackers can use this “hole”.
The British consulting company NTA Monitor , which specializes in IT security, conducted an experiment . During this experiment, the hacker was able to easily enter the corporate building through the back door, which was left especially for smokers. Inside the building, a hacker, using social engineering methods, entered the meeting room. The staff of the company took him there and left him alone.
The hacker did not need a pass to enter the building. He simply waited for the smokers to finish their smoke break, and then entered through the same door. After a few minutes, he was already able to connect his laptop to the corporate VoIP network - right from the meeting room. Fortunately, in this company, the data network was separated from the VoIP network, so unauthorized access caused some problems. In most other companies, a hacker in a few minutes would copy all the necessary data and calmly leave the building.
Roy Hill, CTO of NTA Monitor pun: “It used to be that companies left the back door open in the sense of computer security. Now they are literally leaving it open to smokers. " This is especially dangerous due to the fact that hackers are increasingly using social engineering methods to penetrate corporate networks.
The specialist emphasizes that the "hole" in computer security has arisen due to new legislation in the USA and some European countries, which prohibits the creation of smoking areas in office buildings. In July, this law will enter into force throughout the UK.
The British consulting company NTA Monitor , which specializes in IT security, conducted an experiment . During this experiment, the hacker was able to easily enter the corporate building through the back door, which was left especially for smokers. Inside the building, a hacker, using social engineering methods, entered the meeting room. The staff of the company took him there and left him alone.
The hacker did not need a pass to enter the building. He simply waited for the smokers to finish their smoke break, and then entered through the same door. After a few minutes, he was already able to connect his laptop to the corporate VoIP network - right from the meeting room. Fortunately, in this company, the data network was separated from the VoIP network, so unauthorized access caused some problems. In most other companies, a hacker in a few minutes would copy all the necessary data and calmly leave the building.
Roy Hill, CTO of NTA Monitor pun: “It used to be that companies left the back door open in the sense of computer security. Now they are literally leaving it open to smokers. " This is especially dangerous due to the fact that hackers are increasingly using social engineering methods to penetrate corporate networks.
The specialist emphasizes that the "hole" in computer security has arisen due to new legislation in the USA and some European countries, which prohibits the creation of smoking areas in office buildings. In July, this law will enter into force throughout the UK.