Cybercriminals are planting so-called “sleepers” in cleaning companies so that they can physically access IT infrastructure and hack them.
The alert was launched by a senior police officer, cyber criminals are planting so-called “sleepers” in cleaning companies so that they can gau physicalaccess IT infrastructure and hack them. The police are urging organizations to bolster their physical security processes. Cleaners could allow attackers to bypass physical measures and once inside the target organizations they could hack internal systems and move laterally.
“Exploitation of staff is a key area” “Organised crime groups are planting ‘sleepers’ in cleaning companies that a procurement team may look at bidding for. There’s no way of auditing their vetting. They’ll also using people in painting and decorating firms; anyone who has out-of-hours access to a building is fair game.” Shelton Newsham, who manages the Yorkshire and Humber Regional Cyber Crime Team, told an audience at the SINET security event. “Even the old ‘drop a USB stick’ is back.”
The only way to prevent this kind of physical intrusions that exploit human factor and social engineering is to implement a cultural change.
Experts stressed the importance of security awareness and the importance of regular training for internal personnel.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
Pierluigi Paganini
February 03, 2020
