It seems we can find ways to connect with the world, even from 30,000 feet. While flying used to be a no-wifi zone, connectivity is now available on 78 percent of US flights, according to an article on TravelWeekly.com.
This may be good for business travelers, but it can be bad for security while in-flight. According to Richard Blech, CEO of Secure Channels, a cyber defense firm, “The easiest way to look at this is that [wifi] is a public network, and public networks, in general, are not secure…If there is someone on the aircraft that wants to get into the network, they are going to get into the network.”
According to several security experts, something most travelers don’t consider when using onboard wifi is their proximity to others. “You’ve got three to five hours locked in, and everyone’s stationary,” Blech said. “That’s a world of time for a hacker.”
With this in mind, should you avoid logging on while flying? No, but common sense should prevail. Here are some tips for being mindful of a possible cyber threat while en route:
Business travelers run some pretty big risks when it comes to cybersecurity. If you’re like most people, you think nothing of pulling out your laptop in the airport or hotel, hopping on some free wifi, and getting some work done.
Except most public wifi networks are not very secure, and you run a big risk of getting hacked or downloading malware, which can wreak havoc with your computer and your life. People can also intercept messages and information flowing in and out of your computer, including emails and passwords.
There are a few things you should be doing already to make sure your electronics are already secure:
- Have a solid anti-virus program on your devices, and keep it up to date.
- Use a secure web browser with built-in security. That means Google Chrome or Firefox, not Internet Explorer.
- Only use complex passwords with letters, numbers, and special characters in random order. Not your kids’ names, pets’ names, or swapping out ‘@’ for ‘a.’ Use a password vault like 1Password to keep track of your passwords.
- Turn on two-factor authentication whenever possible. This is a code that gets sent to your mobile phone, which you have to enter during the login process. No code, no entry. LinkedIn, Gmail, and Evernote all use two-factor authentication.
- Use a Virtual Private Network (VPN) whenever you go online.
This last one is a good idea whenever you fire up your computer, but it’s definitely important when you’re out of the office.
You’ve worked hard to earn your frequent flier miles, logging all those flights and using your airline credit card whenever you can. And you probably think your miles and points are safe and secure, just waiting for you to redeem them.
Except your miles might be the target of hackers who have figured out how to crack your account, and are plundering it, selling those points for cash or tickets. Now that most airlines no longer send out monthly statements that keep travelers updated on their balances, hackers have begun taking advantage of the “out of sight, out of mind” mentality to do their worst.
But you can protect yourself from these hackers if you just take a few security steps.
First, you need to protect your airline account. Fortunately, most airlines quit using the 4-digit PIN code they had used for years, and replaced it with full password protection. But that doesn’t help you if you’re still using your dog’s name as the password. Pick a complex password that’s hard to remember or even figure out, the more complex, the better.
Rather than try to remember the password or write it down, use a password management app like 1Password or LastPass to keep track of it. Better yet, let the app generate a complex password. You can choose a random scattering of letters, numbers, and special characters, or a string of unrelated words, and store them in the app. Security experts estimate that passwords like this can take centuries to break.
There are two schools of thought regarding cyber attacks: everyone’s at risk and I’m too small for anyone to tap. One is smart thinking, the other is dangerous.
According to Jeff Moss, founder of Black Hat and Def Con, two of the world’s foremost conferences on hacking and information security, and an advisor to the Department of Homeland Security, you’re better off assuming the first than believing the second. Here’s his advice for protecting yourself from cyber threats while traveling.
Use your passport instead of your driver’s license when asked to provide identification. The driver’s license, according to Moss, contains too much information, specifically your address and descriptive features like weight, height, sex, and eye color, that can be used against you if obtained by a hacker.
Don’t leave your devices unattended. While most people assume their hotel room is secure because of the lock on the door, Moss doesn’t feel comfortable with the risk unless his laptop’s hard drive is fully encrypted. He doesn’t want to give anyone access to sensitive, proprietary data should the computer be stolen while he’s away from the room.