Pearl Technology Blog

Warshipping: What It Is and How to Prevent It

Posted on 10/8/2019 by Pearl Technology in cybersecurity cyberattack warshipping
image

Cyberattacks signed, sealed, delivered.

What if a cybercriminal could access your data without even having you click a single link on your device? Even when you devote so much attention to your office's network, is it possible for cybercriminals to sneak in undetected?

When companies begin taking steps to better secure their networks, the mailroom is probably one of the last places they go to. But a new type of cyberattack discovered by white hat hackers earlier this year may prompt companies to start thinking about the packages they allow in the office.

What is warshipping?

In August, IBM's in-house penetration testing team called X-Force Red discovered a new type of cyberattack in which criminals can access data through a piece of physical mail. Dubbed "warshipping," cybercriminals will mail a seemingly innocuous package to a business. Once delivered, a 3G-enabled device inside the package will be remotely operated. Using this device, cybercriminals can hack their way into the business's wireless network.

Not only does this discovery help business owners monitor vulnerabilities they never would have considered, but it's also an instance of cybersecurity professionals identifying a problem before it even becomes a problem.

How to prevent it:

Though separating physical security and cybersecurity can be easy to do, businesses should always think of the two as interconnected—especially with the rise of automated devices and internet of things.

Of course, you can't just apply a spam filter to your mailroom like you would your inbox, so here are a few pointers to prevent a warshipping attack.

  • Treat packages with high scrutiny. According to SecurityIntelligence's Charles Henderson, just as you wouldn't let unauthorized visitors wander around your business, you should treat any package with the same level of security. Keep packages out of secure areas—such as server rooms—and dispose of the boxes as soon as possible. Don't allow employees to have personal packages shipped to the office. You may even consider enacting a scanning process for every incoming package.
  • If nobody asked for it, don't open it. Common practice in regards to email is to never open any unsolicited attachments. Similarly, if a mysterious package arrives in your mailroom, trust your instincts and don't open it. Just like a phishing email, if you don't recognize the sender, don't trust it.
  • Safeguard your WiFi. If your business is operating with an unsecured WiFi, you may as well be rolling out a welcome mat for cyberattackers. Protect your WiFi with WPA2 authentication, along with a VPN and multi-factor authentication for employees.
  • Consult the professionals. At Pearl Technology, we include a penetration testing service that will identify any problem areas in your cybersecurity, then work with you on how to correct them. This service can prove to be invaluable to businesses as it allows owners to focus on running their business and taking the guesswork out of their IT management.

How do you protect your physical security and cybersecurity? Let us know in the comments!