2022-10-30, 09:00–09:50, Track 1
You work hard to defend against internet based threats but how prepared are you when the attacker is on the literal doorstep? This session will provide a better understanding of the onsite attack surface and some of the more common, practical attack techniques that can result in a difficult to detect network compromise. Attendees will gain a better understanding of the role of Information Security as it pertains to Physical Security and be better equipped to identify gaps in their defenses before they are exploited.
Title/Bio Slides - Indicating the presentation an providing brief professional background
Talk Topic Slide - Discussing the issue presented, listing areas that will be covered, setting framework for the audience.
Perimeters - Discuss the onsite perimeter types and the difference between attacker and defender understanding of perimeters
-Wireless Perimeters
-Physical Perimeters
-Social Engineering Perimeters
Risk - Discuss the attacker's approach to risk in relation to executing onsite attacks.
Attacks - Cover the attacks available against the different perimeters
-Wireless Client
-Wireless Infrastructure
-Other wireless devices
-Bypassing Physical Controls
-Defeating Physical Controls
-In-person Social Engineering
Hybrid Attacks - Leveraging multiple tools and techniques to execute a complete attack.
Remediation - Suggestions, warnings of common pitfalls and a call to action.
Q&A/Exit Slides
Majority of the time is spent on the different attacks, followed by understanding the onsite attacker mindset