Cybercriminals threaten business travelers and the organizations they represent with reputational damage and financial losses. Research shows that travelers going to a wide range of countries face a growing threat from cybercriminal activity, both from sophisticated as well as less capable groups. Cybercriminals use techniques such as drive-by downloads and phishing attacks to facilitate financial fraud and steal credentials (for online banking, for example). They typically also use remote access Trojans (RATs) to install malware, allowing them to monitor victims’ behavior on their devices.
Hotels are a particularly attractive target for credit card fraud, because their WiFi networks are public and do not offer protection for communications. Cybercriminals can set up WiFi networks claiming to belong to hotels or trusted organizations to monitor online behavior and obtain passwords, or can scan legitimate but vulnerable WiFi networks to steal sensitive information from devices connected to these networks.
Multiple cyber espionage groups have also been known to high-value individuals through hotel WiFi networks. Hotel networks typically have weaker encryption than corporate networks, making communication on connected devices vulnerable to interception by cyber threat actors.
Travelers also face a heightened risk of data breaches from their devices as governments increase security measures at sensitive border crossings. This can include confiscating devices for inspection, then installing malicious software such as spyware to gather information. There is a high probability that travelers, especially those in strategic roles, will be targeted in more covert forms, such as through social engineering and by intercepting electronic communications.
Securing information when travelling
Travelers should take precautionary measures before, during and after travel, especially to high-risk locations. Corporate and personal devices will process and store information that is of high value to cyber threat actors. Before travelling, organizations should ensure travelers only take devices necessary for their trip, and secure these devices and the data they hold. Protective measures include updating software on devices, enabling multi-factor authentication for online accounts, encrypting data stored on a device, and using virtual private networks to protect communications.
While travelling, travelers should be vigilant about where and how they use their devices. Especially when in public places such as airports, hotels and restaurants, travelers should closely guard their devices and avoid accessing sensitive information including online banking, commercially sensitive data and personal information. Travelers can use privacy screens to limit their devices’ visibility to people nearby, and combination locks to secure laptop bags. When they return, travelers should run antivirus scans on all devices to remove potential malware, and should change passwords on devices and for online services used on their trip. Travelers should also remove any WiFi networks they have connected to on their trip, using the ‘forget network’ setting.