Where there’s a will, there’s a way—and, for black hat hackers, there’s always a will and a way to get what they’re after.
As a decision maker or IT professional in your organization, you’ve likely set up strong defenses against virtual threats facing your network, such as phishing, social engineering, business email compromise scams, etc. But what about the security threats physical devices pose to your systems—for example, USB devices, employees’ personal devices, hardware running on legacy systems, and even locks on office doors, and old paper documents?
Using malicious USBs, exploiting vulnerabilities in outdated hardware, or by physically getting their hands on network-connected devices, it’s almost too easy for threat actors to gain access to your environment these days. However, there are simple ways to thwart cybercriminals from carrying out their nefarious attempts against your organization.
Today’s blog will focus on some seemingly innocuous, yet effective, tactics malicious actors use to enter and wreak havoc on your network, and equally proven methods to mitigate their attempts.
Physical Factors Threatening Network Security
Unfortunately, cyberincidents caused by physical devices are probably the most difficult to recognize or mitigate. Additionally, since the hacker typically has physical access to the device in these instances, the possibilities for destruction are endless. A few ways someone with physical access can enter your network include:
USB devices—The threat of USB devices has evolved from using flash drives to perform malware exploits to now sniffing out user credentials, acting as a keyboard to issue commands to the control system, or installing backdoors. In fact, there are at least 29 different types of USB threats that can be carried out against your organization. Also, without immediate access to a connected device, cybercriminals will often share malicious flash drives with unsuspecting employees to gain remote access.
Personal devices—While a bring-your-own-device (BYOD) policy can also introduce a wealth of business benefits, such as reduced overhead cost, increased job efficiency, and flexibility, it can also lead to a myriad of data privacy and cybersecurity risks. Any existing vulnerabilities on your employee’s personal devices used for work are a welcome mat for threat actors to your network.
Outdated hardware—Just because an older device gets the job done doesn’t mean it’s safe to conduct business with. While out-of-date, unpatched legacy systems grow older, cyberthreats grow more sophisticated. These systems are a low barrier of entry for cybercriminals trying to interject themselves into your environment.
Unrestricted access to network connected devices—Not everyone in your organization needs access to every device or, in some cases, any device at all. For example, the cleaning crew, delivery personnel, or other visitors to your office should never have physical access to an employee’s device. Once they do, an inconspicuous cybercriminal is able to carry out any number of threats, or easily get their hands on business-critical information or customer data, subjecting your organization to a data breach.
Paper documents—If you’re still holding on to paper files, now is probably the time to digitize all that information. Keeping physical documents on hand not only takes up space and increases inefficiencies, but can also be a security hazard. Just like digital documents, if a piece of paper with business critical information on it falls into the wrong hands, your company is suddenly at risk. However, unlike digital documents, paper can’t be encrypted or include anonymized data. When you do decide to convert paper files to digital ones, though, make sure you’re properly discarding the physical records.
For these reasons, and many more, it’s imperative that your cybersecurity program covers every avenue a cybercriminal could take to hack into your environment.
Thwart Physical Security Threats
Cybercriminals are crafty and unwavering in their attempts to infiltrate your environment. Then again, so are you and your tactics to keep them from getting their hands on your data. A good starting point to thwart physical threats against your network includes:
- Monitoring your network to identify vulnerabilities and abnormal activity within your environment
- Requiring USB data blockers (or USB condoms) be used when plugging in any flash drive to a network-connected device
- Inventorying hardware to assess (and patch or remove) legacy systems within your environment
- Managing BYOD policies properly and include full disk encryption for personal devices
- Locking up connected hardware to ensure devices are not left unattended and available to anyone passing by
- Having a discard policy to ensure information in physical documents is properly destroyed (i.e., shredded or burned) before throwing away
Stop Cybercriminals in Their Tracks
Perhaps one of the strongest safeguards against cybercriminals in any scenario is employee education and training. BYOD policies, tools, assessments, etc. are all great to have in place, but mean little to nothing if your employees don’t know about and implement them—especially since many of these threats are likely coming from within your own walls. Your team members can either be your greatest weakness or strongest defense; make sure you’ve set them and your organization up for success.
Cyberthreats of any kind can be detrimental, not only to your infrastructure but to your bottom line as well. By mitigating the chances of someone easily getting their hands on equipment connected to your network—either by removing the hardware entirely, or implementing new policies—you’re ultimately saving your organization time and money in the event of a cyberincident.