Member Article
Sun, Sea and Cybersecurity
It’s nearly time to break away from your desk, set your out of office and board a flight to sunnier climes. Years ago, setting that out of office reply would signal the start of an enforced digital detox. However, these days few people can say that’s really the case.
Whether we’re travelling for business or pleasure, the majority of us would rather stay connected and continue at least some elements of our everyday lives online. Indeed, nearly two thirds (59%) of us are hooked to our devices, according to Ofcom, and we will continue to check our emails, transfer money or stream our favourite TV shows from wherever we are in the world.
Exotic holidays and glamourous work trips may even make us more likely to venture online, with Expedia recently highlighting that sharing – and perhaps flaunting our travels – on social media has become an integral part of the experience. Far from going overseas to “switch off”, we are turning data roaming on, connecting to the nearest WiFi and going about our work or life admin as usual.
These digital habits have become so normal, it can be easy to become complacent when travelling, but there are some significant cyber risks we simply cannot afford to ignore. Here’s my take on the biggest issues for travellers and advice on how they can stay safe at this time of year:
**Travel fraud and identity theft ** In 2016, fraudsters stole £7.2 million from close to 6,000 unsuspecting holidaymakers and travellers, according to ABTA and the City of London Police. The number of reported cases has risen almost 20% year on year, with the most common types of fraud relating to airline tickets, online accommodation booking and timeshare sales.
In addition to sophisticated scams, which target people spending large sums of money, travel bookings carry the same risks as any other online transaction, with hackers going after personal and financial details. It’s important to take precautions when sharing this information online even when using a reputable website or transferring funds to a known contact. This includes making sure the website is secure (i.e. it starts with https:// and there is a padlock symbol in the browser window frame) and using a strong password, which is different to all your other online accounts.
**Connecting devices to insecure networks ** When travelling we’re already in unfamiliar territory, navigating our way around new surroundings and overcoming potential language barriers. If everything around us is already totally different, it can be all too easy to forget fundamental online security rules and connect devices to unfamiliar WiFi connections. Travellers should be wary of potentially insecure public networks, especially those in airport lounges or hotel lobbies that offer quick access and aren’t password protected.
Accessing an insecure network could allow hackers to intercept anything you do online, from reading private emails to capturing passwords. It could also provide them with a vehicle to deliver malicious malware. In Asia, the ‘Darkhotel’ hacking group used this technique to target business executives visiting luxury hotels. When targets logged onto the hotel WiFi, they would be greeted with a pop-up asking them to download updates to popular software, such as Adobe Flash or Windows Messenger, giving permission to the download led to infection and subsequent theft of data from their devices.
Travellers should avoid sending or receiving private information when using public WiFi and corporate networks should always be accessed using a secure, encrypted VPN.
**Devices and data targeted by thieves ** Being on the move with multiple phones, tablets and laptops can increase the risk of theft and criminals are no longer just after the device itself; the data it holds could potentially be even more valuable. Hackers are on the look out for information, such as bank log-in credentials. They may even attempt to trick friends, family or colleagues into transferring your money under the guise that your wallet has been taken.
Before you head away this summer, make sure your passwords are not stored in a way that makes them easy to access if a device is lost or stolen. It’s also wise to back up files, remove any sensitive data and make sure your device has up-to-date antivirus software installed.
Being able to connect from anywhere in the world has transformed the way we work and travel, but this also exposes us to danger if we do not think carefully. Tourists and business travellers alike should put measures in place to protect their information from harm and stay cyber savvy throughout the summer.
This was posted in Bdaily's Members' News section by Keiron Shepherd, Senior Security Specialist, F5 Networks .