Umbrella Up, Security Down: The Tailgating Threat

06 Feb 2025

A Simple Trick, a Serious Risk

In the world of cybersecurity, even the most seemingly innocuous actions can pose a significant threat. One such threat, often overlooked, is tailgating. While it might sound like a harmless act of following someone into a building, tailgating can be a powerful tool for cybercriminals looking to gain unauthorised access to sensitive systems and data.

How Does Tailgating Work?

Tailgating involves a person following closely behind another authorised individual as they enter a secure area. This could be a corporate office, a data centre, or any other location that requires access credentials. By exploiting the human element, tailgaters can bypass security measures and gain entry without being detected.

The Umbrella Approach

A new twist has emerged in the world of tailgating: the umbrella. While it might seem odd, an umbrella can be a surprisingly effective tool for concealing a tailgater’s attempts to transition from outside to inside a building. Additionally, it provides a natural conversation starter about the weather, putting people at ease. Playing on these social norms, including thanking someone for holding open the door whilst you hustle behind laden with coffee cups, or simply engaging people in confident conversation as you approach a building entrance, can grant a threat actor their first step towards system access.

The Dangers of Tailgating

1. Physical Data Theft: Once inside a secure area, tailgaters may attempt to steal physical data, such as laptops, USB drives, phones, or even traditional paper files. This can lead to a data breach if the stolen data contains sensitive information.
2. Network Access: Perpetrators may attempt to connect to the organisation's network and gain access to sensitive data. This could involve using compromised credentials or exploiting vulnerabilities.
3. Malware Installation: Threat actors may also attempt to install malware on organisation computers/systems. This could lead to data breaches, system disruptions and financial losses.
4. Backdoors: Tailgaters ultimate objective is often to install a device or software that allows them to maintain access to the network remotely, even after they have left the building.

Preventing Tailgating

1. Enforce Strict Access Controls: Implement rigorous access control measures, such as requiring employees to present identification cards and passcodes before entering secure areas.
2. Train Staff on Tailgating Prevention: Educate employees about the dangers of tailgating and encourage them to report suspicious activity. Consider conducting physical social engineering exercises to test the awareness and training of your employees.
3. Use Surveillance Systems: Install high-quality surveillance cameras in and around secure areas to monitor for tailgating attempts. These cameras can also serve as a deterrent, discouraging potential tailgaters amongst other threats.
4. Limit Access Points: Reduce the number of access points to secure areas to make it easier to monitor entry and exit.
5. Conduct Regular Audits and Assessments: Conduct independent audits, such as against the ISO 27001 Physical Security Controls, to ensure you have effective measures in place.
6. Promote a Culture of Security Awareness: Foster a culture of security awareness among employees, encouraging them to be vigilant and report any unusual activity.

By understanding the threat of tailgating and taking proactive steps to prevent it, organisations can protect their sensitive data and systems from unauthorised access. Remember, even the simplest of tricks can pose a serious risk.

Intertek regularly performs social engineering and physical security audits for its public and private sector clients, with a high success rate in gaining access to office buildings and the data within. Organisations are additionally supported through the provision of staff security awareness training, helping employees to identify and reduce the likelihood of tailgating and other access attempts.