Tailgating - Physical Intrusion by Following
Tailgating is a physical intrusion technique in which an unauthorized person follows closely behind someone with legitimate access rights and slips through the door the moment it opens. Often described as the physical counterpart of social engineering, this method requires no advanced technical skill at all and exploits the psychological weaknesses of human goodwill and politeness. Even organizations that invest heavily in cybersecurity can grant direct access to their internal networks if their physical access control is lax, making it an overlooked yet serious threat.
The Difference Between Tailgating and Piggybacking
These two terms are easily confused, but they differ fundamentally in how involved the authorized person is. Tailgating is the case in which an unauthorized person enters without the authorized person noticing, or in which the authorized person notices but cannot stop it. Piggybacking, on the other hand, refers to the authorized person intentionally holding the door open to let the unauthorized person through, meaning that collusion has taken place.
Tailgating:
- Authorized person is uninvolved / unaware
- Intruder acts alone
- "Following from behind"
- Countermeasure: physical gates

Piggybacking:
- Authorized person cooperates intentionally
- Collusion is established
- "Holding the door open for someone"
- Countermeasure: security education
The practical problem is that the boundary between the two is blurry. The act of "holding the door for someone whose hands are full of packages" is at once well-intentioned piggybacking and the textbook scenario that an intruder exploits for tailgating.
The Reality Revealed by Penetration Testing
In physical security audits and penetration tests, it has repeatedly been reported that the success rate of tailgating is astonishingly high. The reality is that a tester wearing work clothes and carrying a cardboard box, simply saying "Excuse me, my hands are full," can get into many office buildings. Among real-world social engineering cases as well, there are many documented instances where physical intrusion became the starting point of a cyberattack.
Typical techniques used by penetration testers include impersonating a delivery person or cleaning staff, the pattern of entering together after chatting with employees in the smoking area, and the method of pretending to be a colleague by claiming to have "forgotten my card." The basics of physical security can also be studied systematically through physical security books on Amazon.
The Tailgating Intrusion Flow
Countermeasure Technologies and Operations
Countermeasures against tailgating must be approached from both the physical mechanism and the human awareness perspectives. As physical implementations of access control, the following technologies are effective.
However, the most important countermeasure is security awareness education. Instilling in the organization a culture of "not holding the door open for strangers" and "speaking up when you spot a suspicious person" is more effective than any technical countermeasure. The Basics of Physical Security also explains how to design such educational programs.
Physical Security in the Remote-Work Era
With the spread of remote work since the COVID-19 pandemic, the challenges of physical security have changed in nature. As office attendance rates have declined, vigilance toward "unfamiliar faces" has weakened, creating an environment where tailgating is more likely to succeed. Employees who come into the office only once or twice a week cannot fully keep track of who works on the same floor, which diminishes their ability to identify suspicious individuals.
Meanwhile, the risk of shoulder surfing has shifted to cafes and coworking spaces, expanding the scope of physical threats beyond the office. From the perspective of insider threat defense as well, an approach that treats physical security and cybersecurity in an integrated manner is required. Security awareness training resources (Amazon) can also be used to build an organization's training program.