Threat, Vulnerabilities and Mitigations: Indicators of Physical Attacks

Question 1

What do you do with doors people in secure areas?

Answer 1

Don’t prop open door, especially to secure areas such as server rooms and wiring closets.

Question 2

What are some the signs of tampering?

Answer 2

Signs of tampering:

Lock scratches.

Damage to door jambs.

Camera and/or sensor damage and/or obfuscation.

Radio Frequency Identification (RFID) scanner damage.

Question 3

What are the devices and peripherals that could potentially have unauthorized access?

Answer 3

Unauthorized cables and devices to be aware of include:
+USB drives: + https://shop.hak5.org/collections/hotplug-attack-tools + https://www.keelog.com/keygrabber-pico/

+ Dongles: https://shop.hak5.org/collections/implants +

USB cables: + https://shop.hak5.org/products/omg-cable + https://www.keelog.com/keygrabber-forensic-keylogger-cable-usb-extension-cable-hardware-keylogger-with-flash/

+ Raspberry Pi computers: https://www.raspberrypi.com/products/raspberry-pi-zero-2-w/

+ RFID cloning: - Badge cloning: check out Proxmark at https://proxmark.com/ - Card skimmers

Question 4

What are other types of physical attacks that you may encounter?

Answer 4

Might include:

Tampering with heating, ventilation, and air conditioning (HVAC) systems.

Physical denial of service (DoS) attacks.

Thermal shutdowns.