What is Tailgating?

Safety is the be-all and end-all in most buildings. However, those who want to gain unauthorized access get creative. Nowadays, fraudsters often rely on so-called "tailgating attacks". This article shows what tailgating is and how you can protect yourself.

Tailgating: Definition and Meaning

The term "tailgating" actually means that one vehicle follows another very closely, which can become a danger for the driver in front. However, the term is used for another hazard.

A tailgating attack is a social engineering attack in which an attacker follows a legitimate person into an area to which they are not allowed to enter. It is therefore a physical security threat, as it allows unauthorized persons to stay in premises with sensitive data, money or other security-related elements.

By the way, most cyberattacks start with a social engineering attack, such as tailgating.

How does tailgating work?

A common form of a tailgating attack is when a person pretends to be someone they are not. For example, it pretends to be a supplier to a company. If an employee gains authorized access – for example, by unlocking the door with a key card – the attacker asks to hold the door open for them.

In large companies, where employees often don't know each other, an attacker could also pretend to be a colleague who has forgotten or lost his access card.

Trust is often built up in advance by making small talk with employees. This allows attackers to engage in tailgating and gain access to premises that would normally remain closed to them.

Tailgating works by attackers using tricks, causing deception or coercing people. A person is to be induced to take a specific action: let the attacker enter an area where accessis only available to authorized personnel.

Another tailgating method is to pretend to have your hands full. Anyone who approaches the security area visibly stressed and possibly with their hands full and involved in a phone call obviously seems important and as if there is a problem. Others are therefore more willing to hold the door open for the person and will not question whether they are authorized to pass through the door.

An employee does not always have to be deceived. For some reason, he could push open the door from the inside, allowing the attacker to intercept it unnoticed and gain access.

It is also possible for tailgating attackers to steal a user's access card, ID or device. In this way, he can copy the credentials and gain access at a later time.

The Goals of a Tailgating Attack

Tailgating is considered a threat to physical security. Companies in particular are affected by this social engineering attack. The attacker manages to bypass doors that are normally closed during tailgating. But what does he do when he has arrived in the restricted area ? The goals of tailgating are manifold:

1. ‍Theft of items: The attacker is able to steal valuable items through tailgating. In companies, these are typically computers, smartphones and other electronic devices. But depending on the industry, there may be other valuables in the building. These can either be sold and monetized or used for follow-up attacks.
   ‍‍
2. Theft of data: Some attackers are after confidential data by stealing documents, computers or data carriers. This data can also be sold or used as leverage in the event of blackmail.
   ‍‍
3. Device compromise: Because the attacker has physical access to devices, they can compromise them. This includes, among other things, overriding protective measures or installing malware so that a cyberattack can take place as a result.
   ‍‍
4. Sabotage: Direct access can destroy or sabotage devices and entire systems. In addition to damaging the business, attackers often have ransom extortion in mind.

Of course, a tailgating attack can also have far worse goals. In this way, attacks can be carried out in large and important buildings.

No matter what a tailgating attacker is aiming for, the company is always damaged. In fact, there can be so much damage that the company is ruined. Accordingly, it is important for every company to know the dangers of tailgating and to protect itself from it.

How to protect yourself from tailgating attacks?

Tailgating attacks can have serious consequences for companies. But what can you do to protect yourself? First of all, employers must get all users on board and educate them. Many employees are not aware that there are dangers such as tailgating. By sensitizing them to this, they react more cautiously when a tailgating attack occurs. Special training courses on the subject help with this. The goal is that employees always demand that others identify themselves if they want access to the building or premises. In addition, employees should never leave their key card lying around in the open.

In addition to raising awareness among users, certain devices on the building are also advisable. Turnstiles and access control vestibules can protect against tailgating. In large companies, every person who wants to enter the building must first show their company ID. Although this is time-consuming, it provides effective protection.

Access control using biometric access control systems is also suitable. If users have to identify themselves with an iris scan or fingerprint, this protects against tailgating.

Last but not least, companies should also rely on surveillance systems. With the help of video surveillance and other tracking methods, it is possible to check who has gained access and when, and whether there are any abnormalities. Many electronic access systems also make it possible to see who entered and left the building and when. We at BlueID will be happy to advise you on modern access controls for maximum security.

Conclusion

Tailgating poses a real danger for many companies. However, there are ways to protect yourself from it. The right lockingsystem is a must for anyone who wants to minimize the likelihood of tailgating attacks. In addition, employees should be sensitized accordingly.This makes it possible to carry out a safe day-to-day business life.

‍