Resources

12 Days of Red Teaming – Day 6, Reconnaissance on Santa’s Workshop | Cybaverse

Written by Alice Langton | Dec 8, 2022 12:00:00 AM

Monitoring the physical location of Lapland Industries(Santa’s Workshop) to see how physical access may be possible.

As Cybaverse continues its Red Team, a test on Lapland Industries physical security was required. Having conducted Phishing and Vishing tests, Cybaverse look to compromise Santas Workshop's physical security.

Due to the coverage in the news, organisations are hyper aware of Cyber threats and invest in tools and tests to ensure their systems remain secure. This can mean that sometimes, physical security is overlooked.

Physical security infiltration testing

Physical security infiltration testing allows organisations a realistic overview of the effectiveness of their current physical security measures.

The primary goal of this test is to gain physical access to a building or site where threat actors could access the network or obtain personal information from physical items such as files or official records.

This typically includes an assessment of the following security protocols:

  • Alarms, CCTV, Locked doors & windows
  • Overnight security
  • Internally, is personal information securely stored (information properly segmented between employees)
  • Could an intruder connect to the network after gaining physical access

Santa's Workshop stake out

Cybaverse spent some time monitoring and collecting information on the physical location of the Workshop. This was done via Google Maps, looking at employees on social media to see if they have posted pictures of the Workshop, public records and physical observation. The Workshop had a significant glass entrance and large windows which allowed considerable visibility into the building. This allowed Cybaverse to put together the following plan for the workshop.

Cybaverse noticed that the games table was an area where elves from all departments get together. Therefore, an outsider is less likely to be noticed. After games, we witnessed elves holding the doors open for their colleagues. We developed a plan to send two individuals undercover to play table tennis with the elves to gain trust and hopefully gain access to the canteen.

Once in the canteen, Cybaverse would need to sit close enough to a fellow elf to clone their access card and use this to gain access to the rest of Santa’s Workshop, including key IT infrastructure.    

How to protect your business against physical security infiltration

Like cyber security, physical security requires a number of different tactics that create layers so that if one tactic fails, another one is in there to act as a failsafe. Typical tactics to protect against physical security Infiltration are:

  • Physical security hardware – CCTV or video footage on entrances and exits will help identify who is entering and leaving the building
  • Education – Educating employees to look out for individuals who may be in areas that they shouldn’t and encourage all to swipe passes and not hold the door open for anyone
  • Workstation – ensuring that if an individual is able to gain access that everyone’s workstation is secure when unattended, e.g. locking screens and having secure passwords

Now that physical reconnaissance is complete, tomorrow Cybaverse will try to gain physical access to Santa’s workshop!