Friday, June 16, 2023

Going On Summer Vacation? 3 Golden Ways To Stay Cyber Safe

 


In the blogs that I have written before in the past, a common theme was when the Cyberattacker would strike. As we all know, this can happen ay any moment.  But, in a given calendar year, there are other times when the Cyberattacker lurks out of the woodworks in more droves than usual.  Some of these include the following:

*Tax Season

*Black Friday

*Cyber Monday

*December, as gift shopping ramps up to greater degrees

But there is also another time when they lurk out.  And believe it or not, that time is now, as the summer season officially starts on June 21st of this year.  Now is the time when people will be planning their much-earned trips and vacations, and basically let loose. 

But unfortunately during this time period as well, people let their guards down, and personal security becomes much more of an open door for the Cyberattacker.

For example, people tend to forget if they are making payment for a trip over a secure website, or how much personal information they are giving out.  There is also the tendency to use the credit card much more casually, and not paying attention to where it is being used, and more importantly, who is processing the transaction with your card.

So what can you do to stay safe this summer as you enjoy your trip(s)?  Here are some quick tips that you can follow:

1)     Leave work at home:

For a lot of Americans, this is a no brainer.  Heck, who wants to think about work when you are lying on the beaches of Hawaii or Florida?  But for many people, especially those who are remote workers, there is no segregation of fun time and work time.  Even when they are on vacation, they still tend to be at work.  But one of the biggest security mistakes is to take your work with you where you travel, especially when it comes to transporting work-related devices.  This is the time you could lose something very critical, or perhaps your work laptop could even be stolen, and from there, all of the information and data on it can be hijacked and sold on the Dark Web.  So the best advice here is, leave work stuff at home.  If possible, even try to lock up work-related devices in a safe in order to add more assurances that the chances that they could be stolen will be mitigated. 

2)     Don’t log into public hotspots and WiFi’s:

One of the cardinal rules in Cybersecurity is to never log into your device at a public spot, using their network connectivity.  Nine out of ten times, these connections are very often unencrypted, and the password to use is publicly known.  Worst yet, a Cyberattacker could be sitting next to you, acting very friendly.  But very little to your knowledge, he or she could be carrying a portable network sniffer in their pocket, which can very easily transfer the data packets that are being transmitted from your device to the public hotspot.  Once these data packets have been collected, they could be very easily reassembled again in order to capture the details of all your network communications.  Very likely this will even include your passwords, credit card and other banking information.  From here, the Cyberattacker can then log into your accounts, and cause even more damage.  So when you are on vacation,  try to avoid at all circumstances into using public networks!!!  If you have to use a work-related device at a public place, try to use as much as possible the hotspot from your iOS or Android device.  At least they have passwords that are difficult to guess at first try from the Cyberattacker.  Another threat you need to be concerned about when on vacation (or for that matter any other time you visit a public spot) is what is called “Juice Jacking”.  This is where the Cyberattacker deliberately inserts malware into the wireless charging stations.  This has become so bad that even the FBI and the FCC have put out alerts on this.  To see more information about this, click on the link below:

https://www.fcc.gov/juice-jacking-tips-to-avoid-it#:~:text=Cybersecurity%20experts%20warn%20that%20bad,passwords%20directly%20to%20the%20perpetrator.

Apart from using your own hotspot, as an additional layer of protection, always use a VPN.  These are essentially software packages, and are very affordable through many ISPs.  Also in an effort to become a victim of Juice Jacking, always charge up your phone with your own cables.  Remember, using public WiFi’s is the one area where the Cyberattacker will be making their move.  In fact, according to one recent survey, over 40% of respondents claimed that their personal information has been hijacked in this fashion (SOURCE:  https://www.forbes.com/advisor/business/public-wifi-risks/).

3)     Watch for abnormal activity:

As mentioned, once the summer comes, everybody wants to go on vacation, especially around Memorial Day weekend and the 4th of July.  But as a business owner or CISO, always try to be completely manned at all times.  Never try to staff your SOC with just a minimal one, in other words, your IT Security team should be fully staffed year-round, so that they can respond to threats quicker.  Try to arrange vacations and other paid off time periods to accommodate this.  If need be, even hire temporary contractors to augment your staff if you find yourself shorthanded,  though this should only be done as a last option.  Another alternative here is to use AI and ML.  These tools can keep track of anything out of the ordinary, and immediately alert you if something is not right.

My Thoughts On This:

When you are on vacation, your first priority is to enjoy yourself and relax wherever you are at.  Don’t let the Cyberattacker get the best of your fears.  Your best line of defense is simply to practice common sense, and be aware of your surroundings, especially if you are visiting a geographic location, you have never been to before.

No comments:

Post a Comment

How To Launch A Better Penetration Test In 2025: 4 Golden Tips

  In my past 16+ years as a tech writer, one of the themes that I have written a lot about is Penetration Testing.   I have written man blog...