Presented at
BSidesLV 2023,
Aug. 8, 2023, noon
(25 minutes)
Do you know SPY×FAMILY? It is Japanese anime in which a brilliant SPY plays an active role. The SPY can easily infiltrate a company building. But in fact, even if you're not that skilled of a SPY, you can easily infiltrate.
Physical security is often overlooked when companies consider cybersecurity. Insufficient physical security measures allow attackers to physically intrude into restricted areas and even break into cyberspace by hacking LAN ports in offices. And indeed we were able to conduct evaluations against several companies and subsequently break into their corporate networks and take files that imitated confidential information.
In this presentation, we will explain and demonstrate attack methods such as intruding into a building by impersonating an external company, breaking through security gates by duplicating RFID using the latest technology, and bypassing MAC address filtering by LAN port hacking. We hope to help the audiences understand how easy physical attacks are and to help companies strengthen their physical security measures.
Presenters:
-
Tetsuya Takaoka
Tetsuya Takaoka is a passionate Japanese white hacker. He runs a venture company in Japan that specializes in security consulting services such as pentesting, incident response, forensics. He also has keen interests in education, so he is teaching pentesting and sharing technical knowledge about security on his blog to contribute to the development of cyber human resources in Japan.
He holds certifications such as OSCP, CRTO, CISSP(Associate), and Locksmith Level 2.
Links:
Similar Presentations: