It is generally accepted that “users are the weak link” in security. Very few technical controls can compensate for the intricacies of human behavior such as a person’s natural tendency to trust another person.
The strongest door locks are of no use when your employees prop the side doors open. Do your employees actually verify visitors are wearing the required guest badges? Were those visitors verified before they were granted the badge?
Onsite social engineering is performed to assess the effectiveness of physical security controls, employee response to suspicious behavior, and validate that network security controls cannot be bypassed by establishing an onsite presence. HALOCK leverages a variety of coercion tactics to gain physical access to your organization’s facilities. Once there, establishing backdoors and gaining access to sensitive materials is almost a certainty.