They can pose as copier repairmen, IT consultants, or fire marshals. They can steal a passcard, pick the lock, or simply walk in with a group of employees. They can borrow a password written on a Post-It, make a copy of a key, or simply plug into a network jack in an empty conference room.
They have two things in common: They've been on your network, and you probably never knew it.
"Analog hackers," sometimes called "physical hackers" or "social engineers," are among the industry's most subtly dangerous, yet least known, threats to IT security. At least, we think they are: Despite extensive research, we were unable to find any definitive industry research that shows the extent of the threat, or how fast it might be growing.
"There's a whole community built around it, yet you hardly ever see any real discussion about it anywhere," says Leonard Gallion, a physical security consultant, who also serves as IT manager for a Dallas-based nonprofit organization. "I'm not sure there is any data about it."
Get the full story at Dark Reading.