Lately, I’ve been drawn to do some desk research and limited hands-on testing of physical security measures. I’ve written about this subject before, you can find the article here. However, that article was written from the perspective of using social engineering to get into target locations during day time. Which was always lots of fun to do!
This time I was much more wondering about, what if you want to get in at night, while all the security measures are in place? If you wonder why, well for one because it is fun to do this type of breaking & entering legally and also because there are a ton of gadgets or potential gadgets.
This blog is mostly intended to make sure I don’t forget about all kind of possibilities to break in to facilities while all the security measures are enabled. Always useful to talk to yourself in written form right (hence the feeling that it might feel like ramblings, if you decide to read on)? This blog is not intended to determine if physical attacks are the most appropriate attacks to execute, since most attackers nowadays are doing almost everything remote. At least that is the current view on threat actors as far as I can tell from public sources.
Keep in mind that I’m no expert on this subject and that most of these options have only been desk researched and others are sort of a hobby for me. Basically: I am pretty sure I’m gonna be wrong in a couple of places. Feel free to leave better suggestions in the comments.
- Protection categories / levels / grades
- Physical damage makes life easier
- Reconnaissance & technical understanding are key
- Cables are underrepresented
- Tempest / physical clamping is underrepresented
- Alarm (detector) bypasses
- Seeing through walls/plastic works
- Miscellaneous
- References
DiabloHorn 