Chapter 44 Β· Flashcards

Physical Attacks Flashcards

Click any card to reveal its definition.

0 / 10 flipped
Physical Attack
Tap to reveal
An attack that involves direct physical interaction with hardware, facilities, or supporting infrastructure rather than exploiting software vulnerabilities. Physical attacks bypass digital defenses by operating outside the assumptions that software security is built on β€” that the attacker is remote. Physical access to a server gives the attacker full control: they can boot from external media, remove drives, install hardware keyloggers, or simply take the hardware. No OS or software security control can fully prevent in-person attacks.
Physical Brute Force
Tap to reveal
Overcoming a physical barrier through direct force β€” no technical skill, credential, or tool required beyond physical strength or simple implements. Kick a door, lever a frame, break a window, cut a padlock. Physical brute force targets the weakest point in the perimeter β€” which is often not the lock but the frame, adjacent window, or the wall beside the door. Security assessment must test actual resistance to force, not just evaluate lock specifications. The rating of a lock means nothing if the frame it is mounted in fails first.
RFID Cloning
Tap to reveal
An attack in which a device reads a legitimate RFID access badge wirelessly and copies its identifier to a blank card, creating a functional duplicate. Cloning devices cost under $50 and complete the process in seconds. The victim never knows β€” the badge stays in their pocket; no contact is made. The cloned card opens every door the original opens. The access log records the entry as the legitimate employee. Detected only by monitoring for impossible simultaneous-location events (same badge used in two locations at once).
MFA for Physical Access
Tap to reveal
The primary defense against RFID cloning. Physical access control requiring both a badge (something you have) AND a PIN (something you know) or biometric (something you are) cannot be defeated by a cloned card alone. The attacker has the cloned card but lacks the PIN or fingerprint. Access is denied. Without MFA, a badge alone is a single factor that can be cloned, stolen, or found β€” one action defeats the entire access control system. With MFA, all factors must be compromised simultaneously.
Environmental Attack
Tap to reveal
A physical attack that targets the environmental infrastructure supporting IT systems β€” power, HVAC, humidity, fire suppression β€” rather than the computers themselves. The attacker does not need to enter or access the server room. By disrupting the conditions required for hardware to operate, they cause system shutdowns from outside the secured perimeter. Environmental infrastructure is often secured at a lower standard than the server room, making it a high-value, low-difficulty attack surface for a determined attacker.
HVAC Attack
Tap to reveal
Disrupting a data center's Heating, Ventilation, and Air Conditioning systems to cause server overheating and automatic thermal shutdown. Servers generate intense heat and require continuous cooling. When cooling is disrupted, temperature rises. Hardware thermal protection automatically throttles CPUs, then shuts systems down to prevent damage β€” without any attacker command. The plant room housing HVAC equipment is often secured less rigorously than the server room. HVAC management systems are frequently networked and may be reachable through less-secured segments.
Fire Suppression as Attack Vector
Tap to reveal
Triggering a data center's fire suppression system causes an emergency shutdown without requiring access to any server. Data center suppression uses gaseous agents (not water). Triggering it β€” by creating false smoke, pulling a manual activation handle, or compromising the control system β€” floods the space and initiates shutdown. This is a denial-of-service attack that bypasses all server room physical security. Manual pull handles and suppression control access must be secured and monitored to prevent this attack vector.
Humidity Control and ESD
Tap to reveal
Humidity levels in a data center must be maintained in an appropriate range. Too low β†’ electrostatic discharge (ESD) risk: dry conditions build up static charge; touching hardware with a static charge can instantly destroy components. Too high β†’ condensation risk: moisture on circuit boards causes short circuits and corrosion. Both extremes are hardware-damaging attacks if deliberately induced. Standard target: approximately 40–60% relative humidity. Environmental monitoring with alerts on deviations provides time to respond before damage occurs.
Man-Trap (Entry Control Vestibule)
Tap to reveal
A physical access control using two sequential locked doors: the first must close and authenticate before the second opens. Prevents tailgating β€” an unauthorized person cannot follow an authorized person through, because only one person can be in the vestibule between doors at a time, and each entry requires individual authentication. Man-traps are standard at data center entrances. The space between doors is typically monitored with cameras and may use weight sensors to detect multiple occupants. The definitive defense against tailgating/piggybacking attacks.
Why Locks Only Keep Out Honest People
Tap to reveal
A security principle stating that no physical security barrier absolutely prevents a determined attacker β€” it only raises the cost and effort of entry. A locked door stops casual access. A determined attacker will try adjacent windows, the wall beside the door, the ceiling, the floor, brute force on the frame, RFID cloning to use the badge legitimately, tailgating behind authorized staff, or social engineering the reception desk. Physical security design must account for the full range of approaches an attacker will try, not just whether the front lock is secure.