British police have reportedly warned of a cyber threat posed by a remarkably low-key intrusion method, namely the use of office cleaners.
According to the news publication CBR (formerly Computerwire’s Computer Business Review), criminal gangs are planting “sleepers” in cleaning companies.
CBR quoted a senior police officer with responsibility for cyber crime, namely Shelton Newsham, who manages the Yorkshire and Humber Regional Cyber Crime Team, as its source.
Office cleaners
Newsham reportedly told an audience at the SINET security event that he was seeing a “much larger increase in physical breaches” as criminal gangs diversify how they attack corporations.
“Exploitation of staff is a key area”, Newsham was quoted by CBR as saying. “Organised crime groups are planting ‘sleepers’ in cleaning companies that a procurement team may look at bidding for. There’s no way of auditing their vetting. They’ll also using people in painting and decorating firms; anyone who has out-of-hours access to a building is fair game.”
And Newsham also highlighted an old school attack method when he said that “even the old ‘drop a USB stick’ is back.”
This refers to a technique whereby a malware infected USB stick is dropped in an office car park as bait. It relies on it being spotted by a curious staff member who then decides to plug the infected stick into an office computer.
Low-tech intrusion
It is often easy to overlook the risk of physical breaches such as the above techniques, and Newsham’s warning is a timely reminder to companies that they should not neglect traditi ..
Support the originator by clicking the read the rest link below.
