Don’t Use Public USB Charging Stations, and Other Cyber Travel Tips

Don’t Use Public USB Charging Stations, and Other Cyber Travel Tips

Everyone is familiar with travel safety tips such as leaving valuables at home and keeping their hotel room locked, but few people give any thought to cybersecurity while traveling. Yet according to the 2019 IBM X-Force Threat Intelligence Index, the transportation industry is now ranked second for cyberattacks, up from tenth in 2017.

Hotels, airlines, car rental agencies, and other travel and transportation companies are treasure troves of information that can be put up for sale on the Dark Web, used to orchestrate other cyberattacks, or even leveraged for real-world blackmail or stalking. In addition to credit card numbers and personal identifying information (PII), hackers can abscond with detailed profiles of travelers’ travel patterns, including where they go and why, who they travel with, when and where they stay, and even things like what types of meals they have sent to their room. It is likely that Chinese nation-state hackers seeking to build travel profiles on government officials were responsible for the Marriott Starwood breach, which compromised 500 million of the hotel chain’s rewards program customers.

Hackers also target travelers themselves. Caleb Barlow, Vice President of X-Force Threat Intelligence at IBM Security, told Forbes that using public USB charging stations, such as those found at airports, “is kind of like finding a toothbrush on the side of the road and deciding to stick it in your mouth.” Turns out hackers can compromise these stations so that they transfer data or install malware on any device that connects to them. Barlow recommends using a plug-in wall charger, a portable charger, or a Juice Jack Defender, a small gadget that sits between your device and the public station and ensures that only voltage gets passed between them.

Here are more tips to keep your systems and hardware safe while traveling for business or leisure.

Before you leave

Pack only what you need. The more electronic devices you take, the more you’ll have to keep safe.

Avoid traveling with devices that contain sensitive information. If your trip is for business, ask your employer about giving you a loaner laptop or phone.

Update everything. Make sure the operating systems and software on all of your devices are up-to-date. (You should be doing this anyway.)

Lock your devices down. Protect all of your devices with strong passwords, multi-factor authentication, or a biometric lock, disable file-sharing options, and turn off Bluetooth. If you must travel with a device that contains sensitive data, use encryption software to encrypt it.

Turn off network auto-connect. Turn off the feature on your cell phone that allows it to automatically connect to available WiFi networks, and keep it off. Hackers often set up phony “honeypot” networks, then observe the activity and capture data from anyone who connects to them.

While you’re on the road

Avoid using public WiFi. The free public WiFi offered to guests at hotels, airports, and restaurants is as dangerous as public USB chargers. Tether to your phone instead. If you must connect to a public WiFi network, use a VPN; if you’re traveling for business, your employer may provide you with one.

Protect your electronic devices like you do your wallet. Never leave your phone, laptop, or other electronic device unattended in public, not even for a moment. Make sure your laptop bag never leaves your possession. Lock up anything you leave in a hotel room. Keep your phone tucked inside an interior pocket, and don’t set it down on a counter while you reach into your purse or wallet. Never let a stranger “borrow” your phone or any other device; it takes only a moment for a hacker to install malware on it, or break into a run and vanish into a crowd.

Don’t share your movements on social media. It’s tempting to share vacation photos or virtually “check in” to your hotel and attractions. The problem is that your friends and family may not be the only ones following along; criminals could also be watching, and if they know you’re at a theme park, they know nobody is in your hotel room, office, or home. Save the photos and stories for when you get home.

Don’t connect your phone to your rental car. Many rental cars offer Bluetooth connectivity, but these vehicles may retain your personal information, such as your contact list, even after you’ve terminated the connection. Bluetooth connectivity also leaves your device vulnerable to hackers.

Use credit cards, not debit cards. Point-of-sale systems are notoriously insecure. If your debit card information is stolen, hackers will gain access to your bank account, and you also won’t have as much recourse to get fraudulent charges refunded as you would with a credit card.

Don’t Use Public USB Charging Stations, and Other Cyber Travel Tips

Research & References of Don’t Use Public USB Charging Stations, and Other Cyber Travel Tips|A&C Accounting And Tax Services

Leave a Reply