T 5.3 Unauthorised entry into a building

If unauthorised persons are able to break in to a building or individual rooms in a building, then the organisation may be subject to a variety of additional security threats as a consequence. Such threats include the theft or manipulation of information or IT systems, for example. Safeguards intended to counteract unauthorised entry therefore also help against the corresponding secondary threats. When an experienced perpetrator conducts a well-planned attack, the amount of time the attacker has to pursue his goal is decisive. The goal of the break-in may be to steal IT components or other goods that are easy to sell, but could also be to copy or manipulate data or IT systems. In this case, manipulations that are not so obvious can actually cause much more damage than direct acts of destruction.

Property damage can also result from the unauthorised intrusion itself. Windows and doors are forced opened and damaged, which means they need to be repaired or replaced.

Examples:

• After breaking in to an office building at night, the perpetrators were not able to find anything of value. Out of frustration, they sprayed a dry powder fire extinguisher in the offices until it was empty. The damage caused by the break-in itself was minimal, but the damage caused by the vandalism was disproportionately high due to the cleaning costs and the work disruptions.

• When breaking in to a company on a weekend, minor damage was caused to a window as it was forced open. It initially appeared as though only a coffee cash box and some small furnishings and equipment were stolen, but it was discovered during a routine check conducted later that a central server was cleverly manipulated exactly at the time of the break-in.