Physical Pen Testing
Below is an explanation and some examples of vulnerabilities including a case study of a test conducted on a 5* Mayfair Hotel.
Physical penetration testing simulates an attacker's attempt to access restricted places or information and is intended to find vulnerabilities in an organization's physical security systems. This kind of testing might involve stealing business property, trying to enter restricted areas, or employing social engineering tactics (I.e. posing as an employee or customer).
What is Pen Testing
"The threat from terrorism is enduring. In recent years, we have seen terrorists target the public at a broad range of locations, causing deaths and casualties amongst innocent people going about their everyday lives,"
- MP Tom Tugendhat on Martyn's Law
"Burglars targeting the homes of top footballers appear to be monitoring stars' schedules to take advantage of their absence for away games – after Manchester City winger Jack Grealish's home was broken into this week."
Public Events
High net worth individuals
Business premises
"An estimated 28% of all business premises had been a victim of any crime asked about in the survey during the last 12 months"
Examples of vulnerable places
Mayfair Hotel Pen Test
Background
The objective was a 5* Hotel in Mayfair in London, the hotel is renowned for welcoming all manner of famous and ultra-high net worth guests. The hotel asked us to conduct a full physical security assessment during the working day.
Objectives
It was agreed that we were to evaluate the effectiveness of their physical security, including access controls, and surveillance systems. We were also to identify any weaknesses in their physical security measures that could be exploited by a hostile attack.
There were limitations agreed upon during the consultation to ensure we kept within the law, did not affect the day-to-day running of the hotel and most importantly to not cause a scene. It was paramount that there could not be a negative impact on the hotel guests' experience.
Methodology
Open-source intelligence – We first conducted in-depth intelligence gathering, using one of our analysts, this revealed some potential social networking opportunities and some possible methods to gain entry.
Social engineering -We used the intelligence that we had gathered to arrange a meeting, this is known as a pretext, this paired with an in-depth cover story would allow us freedom of movement within the hotel's guest areas and also access to the staff areas.
Reconnaissance– This was conducted by one person who was "living out" the cover story, unwittingly the hotel staff escorted us to any area of the hotel we wished. Using Elicitation techniques, we managed to gain additional intelligence that would be used for the actual penetration test.
The Physical Penetration text (Execution)
A Team of 3 operatives conducted the penetration test, due to thorough knowledge of the internal layout of the hotel, its procedures and knowledge of it surveillance system allowed the team to gain access to every part of the hotel.
Report
The team produced an in-depth report, which included information on the "Noisy" potential threats that as agreed had not been put to the test. The reports consisted of an executive summary to allow the client to understand what we had achieved, where we had achieved it, how we achieved and when the test was conducted.
The recommendations were a mix of simple policy or procedural changes. This included infrastructure investments or updates. and staff training..
Contact Us
Don't hesitate to get in touch
contact@bgc-security.co.uk
Responses expected within 12 hours
Locations
UK based
Operations Abroad
Office Working Hours
Mon-Fri: 9am-6pm