IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Smoking ban "a back door" for hackers

Security company warns that workplace smoking ban provides opportunities for social engineering attacks.

Letting your employees have a sneaky fag outside the building could let hackers sneak in, according to security experts.

As a total ban on smoking in the workplace fast approaches, one company warned that this could literally provide a back door for hackers to gain access to corporate networks.

Tests carried out by penetration testing company NTA Monitor, found that some of its testers were able to gain access to a company network literally through a back door as they spotted workers crowded outside the rear of an office having a cigarette.

The tester simply walked through the door and then asked an employee to take them to a meeting room claiming that the IT department had sent them there. According to the company, the person had not got a pass and was easily able to connect his laptop to a VoIP network through a telephone point.

"It used to be that companies 'left the back door open' in terms of internet security, now they are literally leaving their buildings open to accommodate smokers," said Roy Hills, technical director at NTA Monitor. "We are experiencing a surge in demand for social engineering tests as hackers are turning to social techniques to infiltrate corporate networks."

Hills said that this social engineering test proved that once inside a corporate building, an attacker can use social methods on employees to gain access to restricted areas and information if a rigid staff pass system is not in place.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Researchers demonstrate how to install malware on iPhone after it's switched off
Security

Researchers demonstrate how to install malware on iPhone after it's switched off

18 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022