For travelers, distraction may be top cybersecurity threat
October 19, 2018By Robert Herschbach
Planning travel during the holidays, or have business trips on your calendar? You’ll almost certainly bring your mobile phone and probably also your laptop.
The convenience of having these devices with you comes with some serious security risks – and cybersecurity experts say the biggest vulnerabilities are human rather than technological.
The human mind selects and prioritizes concerns, says Dr. William Butler, chair of the cybersecurity department at Capitol Technology University. When traveling, it’s easy for cybersecurity concerns to slip further down the list – or drop off it altogether.
“Travel takes you out of your normal frame of reference,” Butler says. “You’re focused on things that are not normally in the forefront -- accommodations and transportation, for instance. You’re trying to get to that plane on time. You’re remembering where you parked. You’re checking to make sure you have your passport. You’re using your brain for a multitude of purposes, and the part of your brain that is concerned with protecting your digital assets may not be engaged at all times.”
“It’s just how the mind works. We can only handle so many inputs at one time before we’re overloaded. When we’re traveling, we worry about things that are not normally the things we worry about – and we think less about other things that would normally be higher priority.”
Just as there are thieves who will watch for distracted travelers – say, people looking up at a screen to check on a boarding gate – cybercriminals wait to take advantage of temporary lapses in cyber awareness. That could include clicking on a link in a dubious text message, for example. You might have mistaken it for a notification from your airline, hotel, or shuttle service. Before you realize the error, the damage is done.
“With text messaging in particular, we’re accustomed to instantaneous response. You receive a text, there’s an expectation that you’ll reply right away. With e-mail, the time window is a little longer, but you generally still want to answer in a timely manner,” Butler says. “While traveling, the compulsion to check e-mail or answer texts can lead to some unwise decisions.”
That can include logging into free WiFi at an airport, hotel, or café.
“Your flight is boarding, but you really, really want to fire off that e-mail before you get on the plane. We’ve all done it. In the back of your brain you may be conscious of the risk, but your desire for internet connectivity proves stronger.”
While it’s hard to eliminate the risks that arise from human psychology, Butler says, there are nevertheless some practical steps that travelers can take in order to protect their devices and data.
One is to install a Virtual Private Network (VPN). When you use WiFi, your unencrypted data – which can include login credentials, passwords, and credit card data – is there for the picking. A VPN will prevent that from happening. It has another advantage, too: if you’re traveling in parts of the world that restrict access to services such as Google or YouTube, a VPN can help you get around those restrictions.
Along with the VPN, it’s advisable to install a personal firewall, Butler says. You’ll also want to make sure you’ve updated your antivirus software.
What if your phone gets lost or stolen? Password protection for your device and make sure you have configured apps that will help you find a lost device or disable it in case of theft.
“Phones can be set to automatically wipe after ten unsuccessful login attempts. They can be set up to automatically take a photograph of whoever is trying to log in, and then send that photo to an e-mail address you have chosen," Butler notes.
Bottom line: some degree of risk is inherent in travel. Be mindful of the distraction factor and install some common-sense safeguards, however, and you’ll make it that much more difficult for cybercriminals to catch you unawares.