Types of Non-Technical Attacks

While it is easy to think that cybersecurity is limited to computers, it is important to remember that what happens in the real world has effects on the digital world. For instance, think about servers that need to stay unharmed for computer systems to function, these need to be physically protected. Another example is a credit card, knowing the numbers on the back can allow attackers to bypass authentication systems.

There are some attacks that threat actors use to gain access to this information:

• Shoulder Surfing: the name refers to “looking over someone's shoulder” in order to gain information, such as watching someone type in the passcode to their phone.

• Dumpster Diving: looking through trash in search of information. This can include looking through a computer's recycled files.

• Tailgating: Following someone with access to gain access to a facility. While this sounds like it would be easy to spot and report, attackers who tailgate often blend in to seem like they work at the facility.

• USB Baiting: leaving a malicious USB drive out in the open for someone to find. Upon plugging these drives in, they can damage a user's computer. Remember not to plug anything suspicious into your devices unless you know where it is from!