News
News
2/15/2007
11:32 AM
50%
50%

Smokers Open The Door For Hackers ... Literally

One propped open door to a smoking area can be a huge security risk for a company otherwise focused on battening down the network hatches.

Smoking isn't just bad for your health, it seems that it's also bad for company security, according to a new study.

With companies banning smoking inside their offices, smokers are forced outside -- usually to specific smoking areas in the back of the building. The doors leading out to them are a major security hole, according to a social engineering study undertaken by NTA Monitor Ltd. a U.K.-based Internet security tester.

NTA's tester was able to easily get inside a corporate building through a back door that was left open so smokers could easily and quickly get out and then back in to work, according to the company. Once inside, the tester asked an employee to take him to a meeting room, claiming that the IT department had sent him. Even without a pass, he reportedly gained access unchallenged and was then able to connect his laptop to the company's VoIP network.

"It used to be that companies 'left the back door open' in terms of Internet security," said Roy Hills, technical director at NTA Monitor, in a written statement. "Now, they are literally leaving their buildings open to accommodate smokers. We are experiencing a surge in demand for social engineering tests as hackers are turning to social techniques to infiltrate corporate networks. This latest social engineering test has proved that once inside a corporate building, an attacker can use social methods on employees to gain access to restricted areas and information if a rigid staff pass system is not in place."

Social engineering, in this sense, refers to con artists or hackers bypassing computer security by manipulating people to disregard normal security rules.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.