Information Security News
NCA, GCHQ partner on cyber security skills programme
SC Magazine UK
The National Crime Agency, GCHQ and InfoSec Skills Ltd are embarking on a new scheme to help close the national 'skills gap' in information security. Together they have produced an ISM Skills Draft which opened to the UK public yesterday. It will train ...
Physical Access , as most of us know, is the final point of control. While in Las Vegas (on a well earned vacation) my wife and wandered all over. It only took around a day of being completely unplugged before my mind wandered back to 'security' land. While scoping out places to eat my partner drug us into a 'pricey' looking place (will attempt to remain nameless to protect the 'really' not so smart, however I am not a photo editor so if something slipped, I tried).
When we get into this place, at first in tourist-mode, had a lot of things designed to take my money. After spending a little bit more time in the place, I was most curious about the point of sale suite. Then I noticed, where it was placed, convenient on the floor, but the attendant not that close, distracted from the clients. It getâs worse, when I spending more time by the counter the attendant did even notice (as expected sadly) .
At this point I suspected that I could easily drop a USB key or a leave behind device and decided to take a quick picture of all the ports accessible.
If you look at the photo closely:
Conclusion? I paid cash (Not that it helps much, but sure did make me feel better)! Physical security and awareness of your staff regarding it cannot be missed. Reduce your attack surface anyone?
Are you picky about PoS locations now? What things have changed in your shopping habits?
Â(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.