There are not only software threats we have to worry about; there are also computer hardware and physical tools that could be exploited to compromise the integrity of the organization. For example, a hacker could use a hardware device such as a keylogger or a USB device to gain access to the system. Alternatively, they could use physical tools such as screwdrivers or pliers to gain access to the system.
This is a simple USB that can insert malicious commands into the host computer that has been plugged into. It also allows attacks as a keyboard device, making it hard to detect in your environment. A good policy to prevent these attacks is not to allow USBs or only allow the exact device ID number of the equipment being used. Next to that is recommended to have user awareness on not to plug ransom USB devices in corporate or personal devices.
Sometimes attackers use an Evil twin attack to spoof an existing SSID from a Wi-Fi network. It allows the attacker to capture all the traffic and modify it before sending it to its intended target. For an Evil Twin attack to be performed, you just need a device that can create a simple Wi-Fi network. The device is usually set up with the identical SSID as the legitimate Wi-Fi network, making it look like an identical, but malicious, version of the legitimate network. The attacker will then intercept the data sent to the legitimate wifi network and modify it before sending it to its intended destination, allowing the attacker to gain access to sensitive data. For example, an attacker can use an Evil Twin attack to gain access to a user’s credit card information if they attempt to make a purchase on a malicious website connected to the Evil Twin network.
These are special devices that can be plugged into the network. Usually, they have multiple means of connecting to the attacker that does not rely on the defender’s network. Usually, a wireless or a mobile connection is used to get initial access to the compromised network. This allows the attacker to establish a foothold in the target’s network without relying on the integrity or security of the defender’s network. The attacker can then use this foothold to launch further attacks and gain access to more data or resources. For instance, an attacker may connect to the target network using a wireless connection and then establish a remote connection to their own system, allowing them to access the target network from an external location.
Raspberry Pi is remarkably like the Lan Turtle but has more capabilities to run special tools to increase the arsenal of tools the attacker can use. The Raspberry Pi has a more powerful processor and more RAM, which enables it to run more complex programs. Additionally, the Raspberry Pi has more ports and connections, allowing for more peripheral devices to be connected. This allows for the running of specialized tools that the Lan Turtle may not be able to run. For instance, the Raspberry Pi can run specialized tools such as Nmap and Wireshark for network reconnaissance and packet analysis.
Sometimes, to force access to buildings, they use badge clones to clone an employee’s badge to gain access to restricted sections of a building. To prevent these attacks, make sure you have badges with verification or use an extra control factor for authenticating your employees. Badge cloners are a type of security threat that involves the unauthorized duplication of an employee’s badge to gain access to restricted areas of a building or facility.
When an attacking team does its engagements, sometimes all it takes is a lockpicking toolset to get into the server room. That is why it is vital to make sure your locks are difficult to pick, or you have digital locks. Just keep in mind that every new solution comes with a new problem. Therefore, make sure you have done the proper risk assessment of the level of security the organization needs. This is the case because even if the door is physically secure, a skilled locksmith can still pick the lock. This is why it is imperative to use digital locks, which are much more difficult to pick, to ensure the highest level of security for your server room
Sometimes, for safety reasons, you can open the door from the other side. This allows a shuffle tool to go under the door and open the door from the inside. To prevent this attack, make sure the shuffle tools do not fit under or next to the locking mechanism.
Source:
Evil twin (wireless networks) – Wikipedia
Practical explanation Videos:
Physical Security’s 15 Greatest Hits
Raspberry Spy – Building a Custom Red Team Tool
So, you want to clone your work badge, apartment fob, gym pass, etc. to a chip implant?
Snagging Creds from Locked Machines with a LAN turtle – Hak5 2104
Rubber Ducky Windows 11 Payload
Build a Pumpkin Pi — A Rogue AP & MitM Framework That Fits in Your Pocket [Tutorial]