As we get closer to the end of 2022, and look back in reflection at 2020, one thing is clear – the digital revolution is now well and truly underway, and the once decimated travel industry is making a strong comeback.
The travel industry took a big hit in 2020 when COVID-19 triggered lockdowns across the globe. With international vacations and traveling for business meetings cancelled, people found new means of recreation and communication. But now airlines like Jet2 and EasyJet are reporting a “strong uptick” in bookings as the industry enters a period of rejuvenation. For everyone getting ready to set off on vacation or to take their work with them as they travel, it is important to defend your devices against opportunistic cyber attackers.
When we travel, our digital security is at higher risk. This is because attackers know that we are dependent on our devices for many important functions and are also likely to be less cautious than we would be in our day-to-day lives. Users are more likely to engage in risky habits like connecting to unsecured airport Wi-Fi when pushed for time before boarding a flight. Hackers understand how these stressful environments might lead to more people letting their guard down, so they find ways to exploit that opportunity by setting sly traps.
What Are The Risks To Your Devices While Traveling?
There are a lot of things on our minds when we travel—do I have enough time to get to my gate? Is the hotel decent? Do I have my charger? Did I lock the backdoor? Understandably, we tend to be less focused on cyber security while our brains are otherwise occupied. In these conditions we might convince ourselves that it’s no big deal if we take little risks we usually wouldn’t. What are the odds that out of everyone in this busy airport or train station we would be the unlucky one targeted by a cyber-attack?
But it can, and does, happen. If you are that unlucky person, it’s going to put a real damper on your trip. If you avoid the following risky behaviors, you can keep yourself safe, and worry about the important things like boarding passes, dinner reservations and getting over jetlag.
Charging Your Phone In Public
Smartphones have a notoriously short battery life – while waiting in an airport lounge, there’s often nothing better to do than scroll through your apps and drain your battery. We will often run low on charge before we’ve reached our end destination. Luckily, there are lots of handy charging ports you could use. Very unluckily, using these changing ports runs the risk of opening you up to hackers.
So, your phone is getting low, and you decide to stop at a coffee shop and plug your phone into an available outlet or power station. What you don’t realize is that hackers have already compromised this outlet. This type of attack – often referred to a ‘juice jacking’ – is a tactic cybercriminal have been using for many years, which poses a serious threat to cyber security, information security, and user privacy.
Hackers will hijack the power supply channel and install tracking programs which mirror and record victims’ screens. In the same way that your USB cord allows you to download the pictures you’ve taken to your laptop, the same cord can be used to transmit data between your phone and the compromised outlet you plug into. Once this happens, hackers can gain access to your photos, messages, contacts and emails, and can see (and record) any passwords or pins users input while plugged in. Unfortunately, there is no way to know whether an outlet has been compromised before using it, so it’s better to avoid them entirely. Alternatively, try to:
- Fully charge your device before leaving your home or hotel
- Switch off your data and any battery draining apps
- Turn on low power mode
- Consider uninstalling data usage heavy apps
- When you’re not using your phone for long periods, turn it off
- Use a camera for picture taking, instead of your phone
- Invest in a power bank
With some extra forethought and planning, you can take steps to keep your data safer when you’re on the go.
Using Public Wi-Fi Networks
We’re all reliant on Wi-Fi these days, so it is tempting to want to log into public Wi-Fi networks to avoid using up our data and avoid astronomical international data roaming charges. But public networks are unsecured and using them leaves your devices vulnerable, even if the network seems reliable (like the free Wi-Fi at Starbucks or in a nice hotel).
Access fees do not guarantee strong security either – just because you pay to access a Wi-Fi network, it does not guarantee that the network is secure. Public networks can be accessed by anyone at the click of a button, or the creation of a free account. With this level of easy access, they are many ways a cybercriminal could take advantage of unsuspecting users who want to browse the web – these include man-in-the-middle attacks, malware distribution, snooping and sniffing, password and username theft, and worm attacks.
Avoid the temptation to use public Wi-Fi on your travels by:
- Bringing a portable router that is compatible with your service provider
- Make sure to conduct any important business that requires internet access before you leave a place with secured Wi-Fi access
- Ensure your mobile contract has enough data for your needs
Accessing Your Bank Accounts
Traveling can be costly, and bills need to be paid whether you are abroad or not. With currency exchange rates fluctuating, you might want to frequently check bank statements to make sure you haven’t gone over budget of missed an important payment. However, doing this on a device that is connected to an open network is highly risky.
There are some exceptions to this, like if you are staying with family or friends and can use their secured home Wi-Fi, but for the most part you are better off avoiding checking your bank.
Financial websites and apps will protect your information by encrypting it before sending it over a network, so even if a hacker is snooping, your data will remain secure. You’ll be notified by your browser that you are on a secure site by the displaying of the padlock icon and “https” in the address bar – the “s” stands for secure. Even when a site appears to be secure, you should remain cautious. If you connect to a compromised network, hackers can hijack traffic and redirect you to an imposter page that looks indistinguishable to the legitimate site. The site will show all the hallmarks of a secure, reputable page that you’ve used before, when it is, in fact, a fraudulent site. Mobile banking apps are, generally, less risky, though even these are not infallible.
Get ahead of this risk by:
- Setting direct debits up for your bills before you go
- Keep track of your daily spending (with an app or in your notes) to make sure you are not going over budget
Password Reuse And “Soft” Security Questions
You’re probably already aware that you should never reuse passwords, or use very simple passwords, to secure your accounts. Incredibly, “123456” is still one of the most common passwords. This advice is just as important when you travel. With so many other things to worry about, many travelers will sacrifice their security for ease-of-use. They will make their passwords the same for all accounts, ensuring that they can quickly access any account they need. Accessing your bank account, phone account, social media accounts etc., with one, easy to recall password secured behind an easy to answer or ‘soft’ security question, ensures you won’t find yourself locked out of an important account at an inopportune time.
However, it also leaves the door wide open for attackers. It’s a hackers dream to find a target with a single password covering all their accounts as it makes it so much easier and quicker to steal from you.
To keep yourself safe, be sure to:
- Make sure the answer to your security questions is not obvious or easily found on your public social media accounts
- Use varied and complex passwords on all your accounts. A good password manager should help you to achieve this, and make sure you don’t lose access
- Ensure your accounts are secured by MFA to make it harder for hackers to gain access
Ways To Secure Your Mobile Devices While Traveling
When Not In Use, Turn Off Bluetooth And Wi-Fi
As well as resisting the urge to connect to public Wi-Fi, you should change your device settings so that you won’t automatically connect to network. Hackers will often lurk in open public connections, so by disabling these connections while you are away from trusted Wi-Fi you can better protect your devices from needless risk. You might not even realize your device has connected to a network, but the hacker will be at work. This is also good practice to avoid draining your battery. This continuous search for a network puts strain on your battery. Disabling automatic network connection can protect your accounts, whilst saving your battery, thereby avoiding the need to charge your device from a compromised charging port.
Keep All Software Up-To-Date
This is solid advice at any time. As we find ourselves extra vulnerable when we travel, anything that can be done to minimize our vulnerability is invaluable. A software update might seem insignificant and unimportant, but it could contain a software “patch” that addresses a known security vulnerability. It might be tempting to ignore prompts to install updates as it can feel disruptive and inconveniently timed, but it is very important. Outdated and obsolete security leaves your devices vulnerable to thieves and hackers. The amount of personal information and personal transactions stored on your device makes it an appealing target for hackers. It’s vital to maintain a solid foundation of security to protect yourself and this personal data.
Use A VPN
If you need to access public Wi-Fi in airports or other public spaces, doing so with a VPN is the way to go according to cybersecurity experts and the Federal Trade Commission (FTC). A VPN allows you to create a secure network connection over a public network. By encrypting your connection and tunneling all data through an alternate server, you can use an unknown Wi-Fi network and keep yourself safe.
With a VPN, all data passing between your device and the VPN is encrypted, which means not even you internet service provider (ISP) would be able to spy on your actions. By filtering all traffic through the VPN, you can prevent any attackers, who are lurking in the network, from monitoring any traffic. Attackers may still be able to identify which secure server you are connecting to, but bypassing the protections provided by the VPN would be nearly impossible and not worth the attacker’s time and effort when there are other easier targets.
Use An Antivirus Solution
It may not always be possible to avoid coming into contact with potential threats, no matter how well informed or how careful we are with our actions. Something may eventually slip through the net despite our best efforts, so it is good practice to invest in ways to prevent significant damage.
One of the best ways to avoid the often-devastating consequences of experiencing a cyber-attack is to install antivirus software on your devices. A good antivirus solution will scan for cyber security threats and alert users if it detects anything it deems suspicious, so potential attacks are mitigated. This both hances security and gives you some much-appreciated peace of mind.
It is easy to overlook our cyber safety when we travel as our minds are typically more occupied with the need to keep ourselves physically safe when in unfamiliar territory. But with so much of our lives and livelihoods tied into our apps and devices, it is important to ensure we don’t neglect our cyber security. Even in all the upheaval that traveling can cause, we have to be smart and take steps to avoid our data and devices ending up in the hands of opportunistic cyber attackers. Fortunately, with a little bit of forward planning, you can keep yourself safe while you travel.