I mean a normal passenger on a normal plane making a normal trip to an office building and finding a hidden location where to tape a small box with an arduino in it. Maybe even on the outside so you can use solar power? Though it only needs to last long enough to compromise a machine inside the network.
This would be nothing new, I remember ages ago in the days of WEP that you could buy a small box that would collect enough handshakes to let you crack the WEP password.
For the length of time this article covered you would need a power source and to not have your box discovered for months. Probably something out on the street isn't going to fulfill both of those requirements so you'd be trying to enter "Enterprise A" which is unlikely given the presumed elevated security profile this article implies (any guesses who?). With what they pulled off the "box" that ended up being used was something already plugged in next door and very much supposed to be there. Seems easier than any physical attack would have been.
It was pretty easy to do without buying the box if you had a network card you could put into monitor mode. Fun thing was that you only needed one handshake initially, then you could replay it and collect the responses which were each initialized differently.
I've tried the WPA equivalent attack (capture handshake, crack offline...) against targets with physical security that extended beyond their wifi. It was a bit arduous and fiddly and expensive and risky. If I could've compromised a neighbor and gotten the handshakes without traveling for them I'd definitely have preferred that option.
Reusing existing digital compromise toolkits on a presumably far less hardened targets across the street is far easier than trying to deploy hardware thousands of miles away.
The timeline here for the entire sequence of events is 1-2 weeks.
or just do some fun hacking that doesn't have you at the location of the hack