Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Articles

11:30 AM
Pam Baker
Pam Baker
Edge Features
Connect Directly

Ghost Town Security: What Threats Lurk in Abandoned Offices?

Millions of office buildings and campuses were rapidly abandoned during the pandemic. Now it's a year later. What happened in those office parks and downtown ghost towns? What security dangers lurk there now, waiting to ambush returning businesses?

(Continued from page 1) 

Buildings that were not properly secured and monitored over this past year present a ton of new opportunities and, as you know, "attacker" is just another word for "sneaky-pants opportunist" in the security world.

One example: "Recently, in one customer environment, hidden boxes stacked in an organization's warehouse were discovered to be housing a clandestine cryptocurrency farm in disguise, illegally running off the company's network power," says Justin Fier, director of cyber intelligence and analytics at cybersecurity firm Darktrace. "With Bitcoin at an all-time high, I can imagine malicious insiders or cybercriminals are increasingly using abandoned office buildings to place their mining rigs and steal corporate network power."  

Yikes! But that's not the only thing going down in all these newly created ghost towns.

"Alternatively, attackers may indeed break into offices to drop in rogue dropboxes, which seem inconspicuous," Fier adds. "Particularly with empty offices, these kinds of devices are likely to get overlooked by security teams, and they represent easy entry points to use for later cyber intrusions." 

In some cases, the bad guys will increase efficiencies in their existing playbooks.

"For instance, in the event of a ransomware attack, it's much easier to physically shut down a machine or pull a power plug than it is to do remotely from thousands of miles away — and in high-stakes environments, like highly secure data centers, security teams operating remotely face a real danger of not being able to act in time," Fier said.

That's just a few of the haunts and horrors that security teams are likely to find when employees return in a hybrid or full new normal workspace model.

Have you run across other interesting "pandemic specials" in your sweeps to make it safe for workers to return to their workspaces? Help the security community out and tell us about it in the Comments section, below. Have some great pandemic war stories to share? Send those to the author of this story, please — you may find your work highlighted in another feature story soon.

A prolific writer and analyst, Pam Baker's published work appears in many leading publications. She's also the author of several books, the most recent of which is "Data Divination: Big Data Strategies." Baker is also a popular speaker at technology conferences and a member ... View Full Bio
2 of 2

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Strategist
4/30/2021 | 3:47:27 PM
Once again, this didn't need to happen ...
An IT asset management program provides value to several parties within an organization, and security is one. The simple associations of an IT asset to the user to the location solve many of these problems. Is Jane no longer in her cubical? Is she at home? Is she using a computer with a different asset identifier? When did we last hear from her old computer? What was the last location of her old computer? What was on her old computer? All these answers stored in the ITAM repository available not just to security but IT, finance, HR, etc. It's time to get serious about ITAM, again.
User Rank: Apprentice
4/30/2021 | 3:37:46 PM
Never mind the security issues...
...there will be more than a few forgotten tuna sandwiches and the like in desks and refrigerators!
Flash Poll