Security experts today warned that the impending total ban on smoking in UK workplaces could be used by social engineering hackers to steal sensitive corporate data.
In a recent exercise undertaken by security consultancy NTA Monitor, a tester was able to gain access to a corporate building through a back door that was left open for smokers.
Once inside, the tester requested to be taken to a meeting room, claiming that the IT department had sent him. Even without a pass, he gained access unchallenged and was able to connect his laptop to the VoIP network via a telephone point.
Roy Hills, technical director at NTA Monitor, said: "It used to be that companies 'left the back door open' in terms of internet security. Now they are literally leaving their buildings open to accommodate smokers.
"We are experiencing a surge in demand for social engineering tests as hackers are turning to social techniques to infiltrate corporate networks."
He added that the exercise proves that once inside a corporate building, an attacker can use social methods on employees to gain access to restricted areas and information.
UK smoking ban opens doors for hackers
By Robert Jaques on Feb 15, 2007 9:50AM