Smoking ban "a back door" for hackers

Security company warns that workplace smoking ban provides opportunities for social engineering attacks.

Letting your employees have a sneaky fag outside the building could let hackers sneak in, according to security experts.

As a total ban on smoking in the workplace fast approaches, one company warned that this could literally provide a back door for hackers to gain access to corporate networks.

Tests carried out by penetration testing company NTA Monitor, found that some of its testers were able to gain access to a company network literally through a back door as they spotted workers crowded outside the rear of an office having a cigarette.

The tester simply walked through the door and then asked an employee to take them to a meeting room claiming that the IT department had sent them there. According to the company, the person had not got a pass and was easily able to connect his laptop to a VoIP network through a telephone point.

"It used to be that companies 'left the back door open' in terms of internet security, now they are literally leaving their buildings open to accommodate smokers," said Roy Hills, technical director at NTA Monitor. "We are experiencing a surge in demand for social engineering tests as hackers are turning to social techniques to infiltrate corporate networks."

Hills said that this social engineering test proved that once inside a corporate building, an attacker can use social methods on employees to gain access to restricted areas and information if a rigid staff pass system is not in place.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021
Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021