In fall 2021, Sinclair Broadcast Group, the second-largest television station operator in the U.S., reeled from a destabilizing ransomware attack. Ransomware attacks prevent users from accessing systems until they pay a hefty fee. The incident disrupted the company’s broadcasts to local stations, caused critical data loss, and affected Sinclair’s ability to transmit advertisements.
A cybersecurity breach is just one of the handful of security breach types that organizations around the globe must prepare for with increasing urgency. According to the Identity Theft Resource Center, 2021 was a record-breaking year of data compromises, with the rate of incidents already 17% above the previous year by September.
A dramatic recent example of a physical security breach is the Jan. 6, 2021 Capitol riot. Despite plenty of warnings and evidence on social media of an impending attack, Capitol officials’ lack of preparation led to disaster — five people died as rioters stormed the building, and congresspeople were forced to flee.
Physical and digital security breaches have the potential for disruption and chaos. Now more than ever, leaders should consider the physical and digital security of governments, companies, schools, and other community spaces that need protection. In current times, physical and digital security are intertwined — so breaches in one space can lead to breaches in others.
What Are the Types of Physical Security Breaches?
Physical security breaches involve a loss of property or information due to a space (such as an office or building) becoming compromised. Some security breaches are overt, as when a burglar breaks in through a window and robs a store, but many breaches are the result of hard-to-detect social engineering strategies that barely leave a trace.
The Importance of Building Security Support Systems
Security experts say that humans are the weakest link in any security system. To properly prepare personnel for physical security attacks, leaders must carefully consider situations that may require coordination between multiple teams and organizations to protect against physical threats.
A lack of personnel coordination can lead to catastrophe, as seen at the U.S. Capitol building on Jan. 6, 2021. Dr. Brian Gant, assistant professor of cybersecurity at Maryville University and a veteran of the FBI and Secret Service, found Capitol security severely undersupported on the day of the insurrection.
“There’s no way [for Capitol police alone] to properly protect a building like that, so that’s why that initial planning was just subpar,” Dr. Gant told Fast Company reporters. “There’s no other way to cut it.”
Gant said Capitol police should have been backed up by federal armed forces and physical security measures (such as bollards and fencing), as is routine for political events such as presidential inaugurations. Outnumbering and overrunning security personnel, insurrectionists gained access to congressional computers and physical files.
Bad actors may not need a mob to breach a physical security system, but the events on Jan. 6 illustrate a broader need for building robust security support systems to protect physical and intellectual property. Leaders should create crisis coordination plans that foster direct communication channels between security guards, law enforcement, emergency medical professionals, cybersecurity professionals, and any other relevant parties to share resources and call for backup, as needed.
Securing Against Social Engineering
Social engineering is the activity of manipulating a person into acting in a way that creates a security breach, knowingly or not.
For example, cyber criminals have successfully left USB devices for people to find and plug into their computers, unleashing malicious code. This strategy, called a USB drop attack, can crash computer systems with malware as soon as a good Samaritan, in a well-meaning effort to return the USB to its owner, plugs in the device and opens a file.
Tailgating, another common tactic, occurs when an unauthorized person slips into a secure area behind someone who shows proper ID. Once inside, an opportunistic perpetrator might wait for an employee to leave their badge or computer unattended, enabling an attacker to further breach the system.
Without proper physical security, including equipment such as cameras as deterrents, malicious actors can sneak past security checkpoints to steal and sow disorder.
Security expert and president of the International Association of Healthcare Security and Safety (IAHSS) Alan Butler says that most physical breaches result in crimes of convenience: theft of property that can be sold for a quick buck. Laptops, supplies, and drugs (from medical settings) are easy targets when improperly secured.
Physical security tactics must constantly adapt to keep up with evolving threats and different types of security breaches. As a prevention measure against quick information grabs, IAHSS leaders suggest organizational practices such as blocking the ability to send attachments to external emails and preventing the saving of files to USB drives. This hinders but does not entirely prevent a bad actor from accessing and acquiring confidential information.
For example, using a cellphone camera, a person could take a picture of sensitive documents without ever saving or forwarding a file directly — hence the need for robust and consistent physical security monitoring with multiple checks that leave as little room as possible for human error.
Tactics for Strengthening Physical Security
Security personnel must have adequate support to prevent unauthorized individuals from accessing a secure space. Practices for increasing physical security include:
- Training staff to prepare for physical security risks (including social engineering tactics)
- Creating crisis communication plans
- Investing in security technology and equipment, such as security cameras and robust locks
- Designing physical spaces to protect expensive property and confidential information
- Vetting employees to catch potential conflicts of interest that might lead to a compromise of information or access
- Obtaining additional resources as needed (e.g., hiring additional physical security for large events and calling in support)
What Are the Types of Digital Security Breaches?
Digital security breaches involve compromising information via electronic systems. As digital spaces expand and interconnect, cybersecurity leaders should act swiftly to prevent digital attacks.
Types of Digital Security Breaches
In May 2021, an American oil pipeline system, Colonial Pipeline, suffered a ransomware cyber attack. The malware prevented users from accessing the computerized equipment that managed the interstate pipeline carrying gasoline and jet fuel from Houston to the Southeastern U.S. With the help of the FBI, the company paid the ransom of 75 bitcoin (or $4.4 million).
Adobe, eBay, Equifax, Home Depot, Target, and Yahoo are just a few of the companies that have been impacted by another type of security breach: a data breach. Despite advanced security measures, hackers still managed to successfully attack these organizations and compromise confidential customer data.
Other common types of digital security breaches include:
- Phishing. This tactic involves a hacker sending a request, often in the form of an email, designed to look like it has been sent from a trusted organization or company. Phishing emails attempt to entice a recipient to give up sensitive data (such as a password) or download an attachment containing malware.
- Eavesdropping. Hackers can disguise themselves as a trusted server and send queries to track valuable information such as credit card numbers (active attack) or gain such information through the transmission network (passive attack). Both work by intercepting a user’s network traffic.
- Denial-of-Service (DoS). A DoS attack attempts to force a network or service offline with a flood of traffic. Using botnets of hijacked devices, hackers can send traffic from multiple sources to take down entire networks (a distributed denial-of-service, or DDoS, attack). Hackers often use DoS and DDoS attacks as a smokescreen for other attacks that occur behind the scenes.
- Malware. This is a catchall term for any type of malicious software designed to exploit or harm a programmable network or device. Malware can be downloaded or uploaded via external devices such as a USB drive.
Our Increasingly Interconnected World: The Internet of Things
Today, digital security must account for the wide network of devices in communication over the internet. From smartwatches that track biometrics such as heart rate to smartphones that can raise the temperature on a home thermostat, the Internet of Things (IoT) is a massive system of connected devices. The IoT represents all devices that use the internet to collect and share data.
As the U.S. Cybersecurity and Infrastructure Security Agency (CISA) notes, the IoT has led to an increasingly interlocking system that blurs the lines between physical security and cybersecurity risks. As more people use smart devices, opportunities for data compromises skyrocket. Security risks involve physical breaches of devices and vulnerability to cyber attacks that can affect a huge group of devices.
How to Protect Against Digital Security Attacks
Digital security breaches affect people and companies, including government systems that monitor air, water, infrastructure, and safety. Therefore, all individuals and organizations that use digital technology need to do what they can to protect themselves from cybersecurity breaches.
Tactics to prevent digital security breaches include:
- Protecting passwords
- Creating new, strong passwords for each account
- Educating employees about the warning signs of phishing scams (e.g., suspicious requests for personal information)
- Maintaining robust IT systems, including using updated software
How Are Physical Security and Digital Security Related?
The increasingly intertwined connection between physical security and cybersecurity opens the door to risks at each node of the IoT network. For example, a hacker could compromise a single smart device, which, when connected to the internet, may shut down an entire digital ecosystem. An especially successful cyber attack or physical attack could deny critical services to those who need them.
According to the 2020 Cybersecurity and Infrastructure Security Convergence Action Guide created by CISA, interconnected physical and digital assets could lead to a compromise of an entire system:
- A cyber attack on telecommunications could prevent law enforcement and emergency services from communicating, leading to a lethal delay in coordinated response to a crisis.
- An unmanned aircraft system (UAS) could compromise sensitive information using wireless hacking technology on an unsecured network.
- A virtual override of a heating, ventilation, and air conditioning (HVAC) system could cause a temperature rise that renders network servers inoperable.
Thus, digital breaches lead to physical security breaches and vice versa. Strengthening both digital and physical assets in combination can help better prevent breaches.
Maryville Offers a Wide Range of STEM Programs
As the IoT continues to expand, and as organizations rely more on an interconnected system of physical and digital assets, cybersecurity leaders should plan and prepare for evolving threats.
Are you interested in cybersecurity and its many facets? Read about Maryville’s STEM courses and cybersecurity degree programs — including bachelor’s, master’s, and certificate offerings — to learn more about tools and tactics for preventing and mitigating digital and physical security breaches.