2023 - week 25
Social engineering at Client X
Share
#AppSysProjectVanDeWeek – Today we're focusing on a special project. As you know, you can turn to AppSys for a security audit. In this process, we examine your entire IT infrastructure, with a crucial aspect being the search for the "weakest link" within the IT environment. Over the past weekend, an AppSys employee went to see how easy it was to gain access at Client X (social engineering). He wore a white T-shirt with a familiar logo on it. Without any difficulty, he was able to enter various sites. He was offered coffee and even had access to the server room, where he left some USB sticks behind. This made it very easy to shut down all systems. Of course, we don't actually do this, but as you can see, it could pose a huge risk.
These forms of social engineering are also known as tailgating and piggybacking. How does a hacker go about this?
In these techniques, the hacker gains access naturally or, for example, pretends to be a delivery person or employee of a utility company to physically enter an office. Offices are often accessible only via key cards or keys, but the hacker attempts to bypass this through these techniques. They strike up a conversation with a receptionist and try to gain trust to further penetrate the building. The goal of tailgating and piggybacking? To gain access to intellectual property and confidential company information.
After the security audit, our client receives a comprehensive report detailing all vulnerabilities. We also immediately suggest possible solutions to enhance the organization's IT security.
Do you also want to know how well your company is protected? Contact us to schedule a security audit or read more information here.
