Here’s something to consider as we enter the summer vacation season: We’re more vulnerable to digital security intrusions when we travel. We get distracted when we’re away from home and that break from our daily routine makes it easy to opt for convenience over security.
“Traveling has always been when people are most vulnerable. This goes all the way back to the days of pirates and highway robbers,” said Caleb Barlow, vice president of X-Force Threat Intelligence at IBM Security. “We’re trying to get from point A to point B, so we let our guard down and leave a little bit of our security thinking behind.”
We know the risks, according to a recent online survey conducted by Morning Consult for IBM Security. And yet, we do things that increase our chances of getting hacked when we’re on the road.
The key findings from the survey:
- More than half (52 percent) of those responding worry that their sensitive digital information will get stolen when they travel.
- More than 70 percent connect to public Wi-Fi, charge a device on a public USB station or enable auto-connect on their wireless devices. These are all considered high-risk behaviors.
Another security risk: A lot of people bring their business laptops, loaded with sensitive corporate information, with them when they go on vacation.
“Why not leave the work laptop behind and bring a spare one that has no corporate data on it,” Barlow advises. “If you need to access the corporate data or e-mail, do it through the cloud.”
Protect Yourself When You Travel
You can’t eliminate all digital threats when you’re on the go, but cybersecurity experts contacted by NBC News BETTER say you can significantly reduce your chances of having a problem by following these four simple steps:
Public Wi-Fi is risky — turn off unneeded connectivity
Public Wi-Fi is inherently dangerous because anyone can access the network and anyone can eavesdrop on what’s being transmitted, unless you use a virtual private network (VPN) to encrypt the data leaving your device.
Anyone can set up a free Wi-Fi hot spot. Scammers typically give their fake networks a name that’s similar to an authentic connection, using the name of the airport, airline, coffee shop or hotel (i.e. Hotel 1 instead of Hotel Guest), hoping to fool tired travelers.
“Connect to a Wi-Fi network that’s been set up by a hacker and you’re now giving that network permission to start taking data off your machine,” said Christopher Hadnagy, chief human hacker at Social-Engineer, a digital security consulting and training company.
If your device is set to auto-connect, you might be leaking data and not even know it. Hadnagy recommends keeping the Wi-Fi on your smartphone turned off until you need it. Cellphone data is encrypted when it travels on the mobile network. But, if Wi-Fi is turned on, and the phone connects to the mobile network via a free Wi-Fi hotspot, the data transmitted is vulnerable.
Any digital device you use outside your home, including laptop, tablet, and smartphone, should have a VPN installed to protect your data.
Here’s how Hadnagy does it: “The Wi-Fi on my phone is off and every app is shut down. I connect to the Wi-Fi and turn my VPN on. Now I open any apps. That’s the safest way to do it; you get into the VPN first before your apps start beaconing out information to the internet.”