Tailgating is an attack in which an unauthorized person enters a secure area by covertly following an authorized employee who is unaware that anyone is behind them. Tailgating works in the following manner:
- An employee enters a secure area by presenting an access card or badge at the locked entrance.
- The employee opens the door and lets it close by itself, without checking whether anyone is behind them.
- The attacker quietly moves to the door as it is closing and walks into the secured area.
Tailgating requires several factors to be effective:
- The door closes slowly enough for the tailgater to slip through.
- The tailgated employee isn't paying attention.
- There is no guard or other personnel on the other side of the door.
Piggybacking
Piggybacking is essentially the same as tailgating, but in this case the target knows someone is following behind them. The target might know the unauthorized person and be involved somehow, or they might simply be unaware of what the attacker is doing.
For example, the target might not know that the unauthorized person was recently terminated from the company and assume it's just another day at the office. More often, though, the target doesn't know the unauthorized person at all and holds the door open for them out of common courtesy or to avoid confrontation.
Keep in mind that piggybacking is less effective in smaller organizations where everyone knows all the employees or in environments where building access is strongly controlled.
The PenTester will want to evaluate whether they are able to tailgate or piggyback into a secure area and document the results, including which of the factors above (slow-closing door, inattentive employee, no guard on the other side) made the entry possible.