Can cybercriminals harm us on a physical level?
When we talk about cyber-attacks, we always associate them with risks in the use of new technologies and especially the Internet. However, on some occasions, when a cyberattack is directed at a specific company, entity or individual, the cybercriminal may want to physically damage its activity or integrity. For example, by dropping an infected USB stick and waiting for a user to plug it in, connecting to an accessible computer or even manipulating security systems (cameras, alarms, etc.).
Especially cyberattacks targeting critical infrastructures, industrial companies and OT systems in general, such as a water treatment plant or a food production plant, are often hybrid attacks. This means that cybercriminals who attempt to carry out sabotage, shutdowns, or misconfiguration of control systems not only do so remotely and behind a computer, but also by physically entering the premises and facilities of the target company.
How do they do it?
Impersonating false visitors, job candidates, maintenance, cleaning, courier, transportation, inspection or similar technicians.
What can we do to avoid it?
- No unauthorized access to the facilities and offices during working hours. Especially if we are accompanied by people who are not part of it.
- Accompany or supervise at all times visitors (customers, auditors, inspectors, etc.) and outsiders (including couriers, carriers, maintenance technicians, etc.) who come to the company on time. Regardless of the level of periodicity with which they do so.
- Do not leave devices (computers, tablets, cell phones and machines) or confidential documents unattended , nor provide them to unauthorized third parties (including colleagues from other areas or departments).
- Do not connect USB devices found on the floor or parts of the premises or offices to any machine, computer or equipment (including production machines in industry and printers and photocopiers in offices).
- Last but not least, if you have keys, access cards and/or codes for entry systems or alarm systems, do not make copies or give them to unauthorized third parties.
IMPORTANT NOTE:
- If, despite complying with all these measures, you encounter situations that do not conform to the level of security required or established in internal policies, do not hesitate to inform your line manager, the Security Manager, security personnel and/or the IT department, depending on the type of suspicion.
- If it happens to you on a personal level, report it directly to the police authorities, so that they can give you appropriate advice and conduct an investigation.