This is a summary of an article written for International Business Times by Fortinet’s Chief of Security Insights and Global Threat Alliances, Derek Manky. The entire article can be accessed here.
The holiday season is officially here, meaning kids and adults alike are enjoying some well-deserved time off and the chance to unwind. As people across the world begin to prep for their vacations, though, many are not fully prepared to deal with all of the risks that can come with travel. While theft of physical possessions, such as passports, wallets, and purses, may be our biggest concerns, the threat of cyber theft is quickly becoming more likely.
Considerations for Cyber Threats While Traveling
For most people in today’s technology-reliant world, the thought of being offline for extended periods of time is almost impossible to imagine, even while on vacation. Which is why it is critical that those traveling with multiple digital devices not only prepare against the potential theft of the devices themselves, but also about cybersecurity and data theft.
In 2018, the FBI's Internet Crime Complaint Center (IC3) received an average of over 900 complaints of data theft and malware each day. When adding travel into the mix, this risk of cyber theft is heightened as individuals are often navigating unfamiliar territory while distracted, leaving their devices in the open and connected to the internet and Wi-Fi. Fortunately, there are steps that you can take to reduce your vulnerability and exposure to potential cyber threats.
Here are eight tips for keeping your data secure this holiday season, from pre-travel all the way to your final destination.
- Pack only what you need: When preparing for a trip, try to limit the number of connected devices that you and your family will be carrying around – once a decision is reached, be sure to remove as much personal data from those devices as possible. Take the time to back up data and devices to the cloud and remove anything that is not necessary.
- Don’t reuse passwords: While many choose to save time and energy by using the same password across multiple accounts, this can enhance the damage that is done by a single password theft event. In order to reduce the risk of password-based cyber risk, individuals need to get creative. This includes swapping letters for numbers or using the first letter of each word in a favorite catchphrase. For an extra layer of security, two-factor authentication is another viable option for protecting sensitive information.
- Encrypt data stored on your device: When possible, use encryption software to keep sensitive data private, even if devices have to be surrendered for inspection at a border. You should also install a VPN application and know how to use it for those times when business or transactions need to be handled in a public setting.
- Be aware of WiFi and Bluetooth usage: Cyber criminals looking to steal data often spoof public WiFi networks in various settings, including airports, coffee shops, and hotels. While these networks appear to be safe, and still connect you to the Internet, they are also stealing your data and user credentials – this is known as a man-in-the-middle attack. Turn off automatic connections for WiFi and Bluetooth on your phone, confirm that a business’ WiFi SSID matches what you are seeing on your phone, and set up your phone as a hotspot as opposed to using public WiFi networks.
- Avoid USB charger ports: While USB charging stands in public settings can be tempting, plugging a USB cable into these charging ports can enable cyber criminals to download your personal data while your device is charging. This threat, also known as “juice jacking”, can be avoided by simply plugging in your own adapter to a normal electrical outlet or a portable charger. For those times when the charging stand is the only option, make sure your devices are turned off before they get plugged in.
- Ensure the physical security of your devices: When your devices are not in use, be sure to keep them turned off and locked with a password to prevent them from being accessible to those who could use them for profitable gain alongside cyber criminals.
- Recognize phishing attempts: Phishing attacks are a common threat that many fall victim to on a regular basis, and those on vacation are no exception. If you are sent a suspicious link from somebody you know and trust, confirm it was in fact them who sent it – if not, their email could be compromised. Look out for key signs of a phishing scam, including bad grammar, misspellings, or uncharacteristic language. Finally, hover over URLs before clicking on links to determine whether or not they are genuine.
- Keep things to yourself: When on vacation, there is no need to let the criminals back home know you are gone. Avoid sharing information about your exact location or where you will be going – enjoy your time away!
While cybersecurity may not on the mind of most people when preparing for vacation, it can mean the difference between having a great time and having your personal information stolen. By understanding the cyber risks associated with traveling, you can effectively prepare and be able to enjoy your time away, no matter where you are in the world.
Want to learn more about cybersecurity? Educate yourself. Find out more about Fortinet’s NSE Institute programs, including the Network Security Expert program, Network Security Academy program and FortiVets program.