The first guide to planning and performing a physical penetration test on your computer's security Most IT security teams concentrate on keeping networks and systems safe from attacks from the outside-but what if your attacker was on the inside? While nearly all IT teams perform a variety of network and application penetration testing procedures, an audit and test of the physical location has not been as prevalent. IT teams are now increasingly requesting physical penetration tests, but there is little available in terms of training. The goal of the test is to demonstrate any deficiencies in operating procedures concerning physical security.
Featuring a Foreword written by world-renowned hacker Kevin D. Mitnick and lead author of The Art of Intrusion and The Art of Deception, this book is the first guide to planning and performing a physical penetration test. Inside, IT security expert Wil Allsopp guides you through the entire process from gathering intelligence, getting inside, dealing with threats, staying hidden (often in plain sight), and getting access to networks and data.
- Teaches IT security teams how to break into their own facility in order to defend against such attacks, which is often overlooked by IT security teams but is of critical importance
- Deals with intelligence gathering, such as getting access building blueprints and satellite imagery, hacking security cameras, planting bugs, and eavesdropping on security channels
- Includes safeguards for consultants paid to probe facilities unbeknown to staff
- Covers preparing the report and presenting it to management
In order to defend data, you need to think like a thief-let Unauthorised Access show you how to get inside.
Table of Contents:
Preface xi
Acknowledgements xv
Foreword xvii
1 The Basics of Physical Penetration Testing 1
What Do Penetration Testers Do? 2
Security Testing in the Real World 2
Legal and Procedural Issues 4
Know the Enemy 8
Engaging a Penetration Testing Team 9
Summary 10
2 Planning Your Physical Penetration Tests 11
Building the Operating Team 12
Project Planning and Workflow 15
Codes, Call Signs and Communication 26
Summary 28
3 Executing Tests 29
Common Paradigms for Conducting Tests 30
Conducting Site Exploration 31
Example Tactical Approaches 34
Mechanisms of Physical Security 36
Summary 50
4 An Introduction to Social Engineering Techniques 51
Introduction to Guerilla Psychology 53
Tactical Approaches to Social Engineering 61
Summary 66
5 Lock Picking 67
Lock Picking as a Hobby 68
Introduction to Lock Picking 72
Advanced Techniques 80
Attacking Other Mechanisms 82
Summary 86
6 Information Gathering 89
Dumpster Diving 90
Shoulder Surfing 99
Collecting Photographic Intelligence 102
Finding Information From Public Sources and the Internet 107
Electronic Surveillance 115
Covert Surveillance 117
Summary 119
7 Hacking Wireless Equipment 121
Wireless Networking Concepts 122
Introduction to Wireless Cryptography 125
Cracking Encryption 131
Attacking a Wireless Client 144
Mounting a Bluetooth Attack 150
Summary 153
8 Gathering the Right Equipment 155
The ‘‘Get of Jail Free’’ Card 155
Photography and Surveillance Equipment 157
Computer Equipment 159
Wireless Equipment 160
Global Positioning Systems 165
Lock Picking Tools 167
Forensics Equipment 169
Communications Equipment 170
Scanners 171
Summary 175
9 Tales from the Front Line 177
SCADA Raiders 177
Night Vision 187
Unauthorized Access 197
Summary 204
10 Introducing Security Policy Concepts 207
Physical Security 208
Protectively Marked or Classified GDI Material 213
Protective Markings in the Corporate World 216
Communications Security 218
Staff Background Checks 221
Data Destruction 223
Data Encryption 224
Outsourcing Risks 225
Incident Response Policies 226
Summary 228
11 Counter Intelligence 229
Understanding the Sources of Information Exposure 230
Social Engineering Attacks 235
Protecting Against Electronic Monitoring 239
Securing Refuse 240
Protecting Against Tailgating and Shoulder Surfing 241
Performing Penetration Testing 242
Baseline Physical Security 245
Summary 247
Appendix A: UK Law 249
Computer Misuse Act 249
Human Rights Act 251
Regulation of Investigatory Powers Act 252
Data Protection Act 253
Appendix B: US Law 255
Computer Fraud and Abuse Act 255
Electronic Communications Privacy Act 256
SOX and HIPAA 257
Appendix C: EU Law 261
European Network and Information Security Agency 261
Data Protection Directive 263
Appendix D: Security Clearances 265
Clearance Procedures in the United Kingdom 266
Levels of Clearance in the United Kingdom 266
Levels of Clearance in the United States 268
Appendix E: Security Accreditations 271
Certified Information Systems Security Professional 271
Communication–Electronics Security Group CHECK 272
Global Information Assurance Certification 274
INFOSEC Assessment and Evaluation 275
Index 277
About the Author :
Wil Allsopp (Netherlands) is an IT security expert who has provided security audits for some of the largest companies in the UK including top tier banking, government and most of the Fortune 100. His job requires him to be part hacker, and part thief as companies hire him to probe their security measures to the extreme.
