Physical access to a device usually allows you to get full control, or at least be able to 'wiretap' its network packets.
Lots of fun little devices to screen capture or keylog allow an attacker to get credentials and harvest secure information. Many of these devices have wireless capabilities now, so you only need to enter facility once to plant it, and then you can download the capture from outside the building. Very few companies can prevent attacks when the attacker has valid credentials.
Once you're inside a network, you're past all of the perimeter defenses, and most companies have tons of secure information flying around. Mimikatz and responder are devastating for most Windows networks: grab the credentials, use them to pivot or get more info to grab more credentials, repeat until you get an it admin account, and you've got the keys to the castle.
Lots of fun little devices to screen capture or keylog allow an attacker to get credentials and harvest secure information. Many of these devices have wireless capabilities now, so you only need to enter facility once to plant it, and then you can download the capture from outside the building. Very few companies can prevent attacks when the attacker has valid credentials.
Once you're inside a network, you're past all of the perimeter defenses, and most companies have tons of secure information flying around. Mimikatz and responder are devastating for most Windows networks: grab the credentials, use them to pivot or get more info to grab more credentials, repeat until you get an it admin account, and you've got the keys to the castle.