Jonas Walker is a Security Strategist for FortiGuard Labs and has provided some simple tips that readers should remember when using their devices on vacation this summer. This byline is a valuable resource for readers who want to travel safely and securely in an age where digital security has become paramount.
Many are eagerly preparing for their summer vacations abroad. As the excitement grows, it is important to remember that increased travel comes with increased cyber risks. If you’re planning a trip to a tropical island or a busy city, it’s important to practice cyber hygiene to keep your digital life safe.
Why is cyber hygiene important for travellers?
Cyber hygiene is similar to personal hygiene. It’s about having a routine every day. This includes following good practices to keep your environment clean, especially while traveling.
You usually travel with a device such as a smartphone or computer. These endpoints are connected to various networks, such as a hotel network, corporate network, public WiFI, or a conference. Endpoints represent the final stage of a network and are therefore the most vulnerable.
If your endpoint device is infected by malicious software, such as viruses, while you’re traveling, there is a possibility that your corporate network could be infected. If threat actors gain access to a specific device, they can gain entry to your corporate network. This allows threat actors to scan the network and move around the network. This can lead to malware at a later stage.
What can you do to protect yourself from cyber-attacks
patch is the most important thing to do. It is important to patch your systems, whether you are traveling or not. A good example would be when you update your smartphone apps in the App Store or Google Play Store. The next time you do this check the release notes and why the vendor recommends you update their app. It’s more often than not not a new feature or UI. In most cases it’s about security, like a bug which has been fixed. If these apps aren’t updated, threat actors that are aware of the issues disclosed by the vendor may take advantage of them.
It is also important to not install anything on your computer that you do not know about. You may need different tracking software when traveling, especially if your destination is different. This is especially true now that many countries require certain types of trackers for airport immigration. Install the right software and not any weaponized files that may be floating around on the internet.
It’s important to also be aware of who you share your device with. Do not let anyone use your laptop even briefly to browse a website or read some emails. This is dangerous because, if you connect to someone else’s inbox, it could lead to your opening a file and downloading malicious software onto your computer. It’s the same when connecting USB sticks to your computer from other people. You don’t know what software is on a USB drive; it could run automatically once it’s attached to your computer. I strongly recommend that you never use a USB drive from someone else.
Do not leave your laptop unlocked in the presence of others, even for a brief moment. Always lock your computer and use a complex password. Use a Password Manager to keep your passwords secure.
There are many things that IT admins can do to improve cyber hygiene. We should, for example, make it a default to update computers and only give administrative privileges to those who need them. We must understand the behaviours of these endpoint devices to know what systems are nearing their end-of life. If someone in your Finance Department uses a lot Power Shell scripts, this is not normal for a Finance Department.
In the event of a laptop being lost, which is very common when people travel, it’s important to encrypt all data. If you don’t encrypt your system, even if it has a password, threat actors can still access the data because they have physical control of the device. You should keep an inventory of the hardware and software that is in your company. This is especially important if you have people who bring different devices back to your network. Even if you think you’ve got everything under control, it’s a good idea to have a incident response plan, so you can know what will happen if a laptop is stolen.
How do employees stay connected to their essential network while traveling?
If you can, avoid connecting to public WiFi networks, especially when there are many people around. You are not in control if you connect to a Wi-Fi network that is open. You have no control over the security of this network, so you can’t tell who’s on it or what they’re doing. You now allow other users to scan your system directly if the network security is poor.
I have different solutions to this problem. It is best to purchase a SIM card for the country you will be visiting to create your own hotspot where you are the only member of the network. You can also buy a mobile Wi Fi router to use only by yourself if you travel to different countries. It’s easy to access the environment, no matter where in the world you are. The costs are usually low. If you must join a network, do not perform any sensitive tasks. Do not log in to your bank account or make online payments. This reduces the risk of you becoming involved in a cyber-security incident.
Social media is popular when people travel. What should employees avoid using social media to stay safe?
I try to avoid using social media accounts as a login to certain platforms. If you connect to WiFi, you may be asked to create an online account or log in using one of your social media profiles. Logging in with a social media account gives the platform’s administrators access to sensitive information. To avoid this, I recommend creating a disposable account for travel. This account can only be used to connect to Wi-Fi, without exposing any sensitive information.
Scams that occur on instant messaging services are another area where social media users should be careful. Social Engineering remains one of the most popular and successful methods for gaining access into user accounts. The more information you reveal about yourself and your social media accounts, and the easier it is for attackers to gain access. People asking for help in social media sites like Reddit or other large forums are a good example. Other users may ask for more information to help. You should be aware that, if you post sensitive information or configuration files about your environment on public websites to help others, it is not difficult for others to find and use this information against you using open source intelligence techniques.
In the last two decades, QR codes have become a popular way to track people. You should also be aware of the risks associated with scanning QR codes. When you scan a code, it usually opens a website on your device. If it opens a site, the website could be compromised and download malicious software to your device.
In conclusion
It’s important to be vigilant about cyber hygiene as you prepare for your summer vacations. This will protect your digital life. These steps are crucial for a safe travel experience. They include updating your system, being cautious when using public Wi-Fi, avoiding suspicious downloads, and protecting your social media data. Follow these tips and enjoy your trip knowing that you are protected by cyber defences.
Image credit: FortiGuard Labs