Cybersecurity In-Depth

The Edge

Ghost Town Security: What Threats Lurk in Abandoned Offices?

Millions of office buildings and campuses were rapidly abandoned during the pandemic. Now it's a year later. What happened in those office parks and downtown ghost towns? What security dangers lurk there now, waiting to ambush returning businesses?

(Continued from page 1) 

Buildings that were not properly secured and monitored over this past year present a ton of new opportunities and, as you know, "attacker" is just another word for "sneaky-pants opportunist" in the security world.

One example: "Recently, in one customer environment, hidden boxes stacked in an organization's warehouse were discovered to be housing a clandestine cryptocurrency farm in disguise, illegally running off the company's network power," says Justin Fier, director of cyber intelligence and analytics at cybersecurity firm Darktrace. "With Bitcoin at an all-time high, I can imagine malicious insiders or cybercriminals are increasingly using abandoned office buildings to place their mining rigs and steal corporate network power."  

Yikes! But that's not the only thing going down in all these newly created ghost towns.

"Alternatively, attackers may indeed break into offices to drop in rogue dropboxes, which seem inconspicuous," Fier adds. "Particularly with empty offices, these kinds of devices are likely to get overlooked by security teams, and they represent easy entry points to use for later cyber intrusions." 

In some cases, the bad guys will increase efficiencies in their existing playbooks.

"For instance, in the event of a ransomware attack, it's much easier to physically shut down a machine or pull a power plug than it is to do remotely from thousands of miles away — and in high-stakes environments, like highly secure data centers, security teams operating remotely face a real danger of not being able to act in time," Fier said.

That's just a few of the haunts and horrors that security teams are likely to find when employees return in a hybrid or full new normal workspace model.

Have you run across other interesting "pandemic specials" in your sweeps to make it safe for workers to return to their workspaces? Help the security community out and tell us about it in the Comments section, below. Have some great pandemic war stories to share? Send those to the author of this story, please — you may find your work highlighted in another feature story soon.