How familiar are you with the cyber dangers of today’s travel? Most of you have heard the standard safety tips regarding travel such as, “leave anything valuable at home” or “don’t leave your hotel room unlocked.” Yet, I am willing to bet, most have not given any direct attention to the risks of cybersecurity while traveling. According to the 2019 IBM X-Force Threat Intelligence Index, the transportation industry (such as business trips and vacations) is now ranked second for cyberattacks, up from tenth in 2017.
As most of you already know, being competent, aware, and informed are the first line of defense in the never ending war on protecting your data and money. After all, by now most everyone has heard from the lawyer representing their late deceased uncle in Nigeria who left you millions… but most haven’t given any thought to being prepared for the upcoming summer travel season. Don’t get me wrong, forty years ago, you didn’t have to give much thought to cyber defense. There was not a cyber-footprint to speak of. With any sort of progress comes risk. In order to correctly manage that risk, you must prepare yourself for the worst by maintaining awareness of the dangers to come. Something I have mentioned before, is not if we will be attacked, but when.
While traveling, you MUST plan ahead:
- Remember… the more electronic devices you travel with the higher the risk of being hacked.
- Avoid traveling with devices that contain sensitive information.
- Make sure your device software is fully updated and data is backed up.
- Make sure you have protected your devices with strong passwords with at least six numbers and wherever possible use/enable two factor authentication.
- Turn off Bluetooth! (Bluetooth opens up a route for bad actors to gain access to devices)
- Turn off Wi-Fi auto connect – Cyber criminals have been known to set up fake networks and capture data from any party that connects to them.
Travelers are becoming a major target for bad actors:
Caleb Barlow, Vice President of X-Force Threat Intelligence at IBM Security, told Forbes that using public USB charging stations, such as those found at airports, “is kind of like finding a toothbrush on the side of the road and deciding to stick it in your mouth.” Turns out hackers CAN and DO compromise these charging stations. They do this by transferring data or installing malware into the port, prior to any device connecting to them. Barlow recommends using a plug-in wall charger, a portable charger, or a Juice Jack Defender (a small gadget that sits between your device and the public station), and ensures that only voltage –rather than data– gets passed between them.
- Avoid using public Wi-Fi. The free public Wi-Fi offered to guests at hotels, airports, and restaurants is as dangerous as public USB chargers. Tether to your phone instead. If you must connect to a public Wi-Fi network, use a VPN.
- Avoid connecting your phone to a rental car. These vehicles may retain your personal information, such as your contact list, even after you’ve terminated the connection.
- Protect your electronic devices like you do your wallet. Never leave your phone, laptop, or other electronic device unattended in public, not even for a moment.
- Make sure your laptop bag never leaves your possession, and if it is left in a hotel make sure it is locked away.
- Do not leave your phone unattended in public, EVER.
- Never let a stranger “borrow” your phone or any other device; it takes only a moment for a hacker to install malware on it, or steal it.
- As tempting as it is, do not share your movements on social media. Your virtual “check in” announces your location to friends as well as criminals.
- Never use debit cards whilst traveling. It is much harder to dispute debit card fraud with your bank. And besides point of sale systems are a point of vulnerability in foreign countries. Why put yourself at risk using a pin code that can be so easily taken advantage of in a foreign country.
In summary, you should be prepared well before you begin traveling to ensure your sensitive information is protected. Travelers should determine if they need to bring computers, tablets, gaming devices, or other pieces of tech hardware knowing that their private information can so easily be manipulated.
Ensure all of your devices are password-protected, with an option for remote wiping in case of loss or theft. Operating systems for all devices should be updated, including critical security patches. File sharing options, auto connect, and location sharing functions should all be disabled.
Travelers should alert banks and credit card companies about their travel plans to avoid potential fraud restrictions from being placed on their accounts. Spending should be limited to one or two cards if possible. This makes it easier to check spending after returning from a trip and to detect suspicious purchases or transactions.
There are many ways an individual can be cyber attacked, most are discrete and unnoticeable. By following these basic suggestions you have at least done the minimum to ensure a trouble free vacation… Bon Voyage!