In the heat of excitement about summer vacation it’s easy to forget just how vulnerable to attack our devices are, especially when traveling. Between confusing tech speak and what feels like an ever-growing list of cyber threats, protecting your tech can feel like a Sisyphean task.
Luckily, we talked to Shaun Murphy, a cyber security expert and CEO of sndr.com, who has consulted with the government on security. He’ll definitely make you think twice before using that free WiFi…
Do we face different cyber threats while traveling than we would in our daily lives?
Yes – tourists are always a big target of criminals – in digital and real life. When you travel you will commonly face hostile WiFi access points that can not only capture the information you’re sending, but also modify data coming back to you. Device theft is a huge concern as well; losing a several hundred dollar device hurts but remember, your phone knows almost everything about you and has hooks into all of your accounts and services. That information is far more damaging in the wrong hands.
What kind of access does connecting to public WiFi or even a hotel’s WiFi give to our devices?
Free Wi-Fi access seems too good to be true, and it probably is. While you surf the internet and check your email, a scammer can easily steal your credit card or other sensitive information. They can also change the data coming back to your device – think you’re downloading your bank’s app? Surprise, you’re actually downloading some hacker’s version.
What’s the safest way to connect to the Internet while traveling? Is it different if you’re in the United States versus traveling internationally?
When on public Wi-Fi, it’s better to use your browser instead of using apps on your phone. Web browsers have passed rigorous security auditing for e-commerce and other sensitive transactions. Consider any unfamiliar network to be hostile and take steps to protect yourself.
Are smartphones safer to use than laptops or tablets in terms of how easily hacked they can be or installing malware?
They all have different threats. Desktop/laptop operating systems are under constant threat of malware that is always running, or even scarier ransomware that locks you out of all of your data. Mobile devices (phones/tablets) can be host to many hostile apps that capture your private information.
Very generally, is there any difference in security between Android and iPhone?
Due to fragmentation, there are multiple versions of the Android operating system existing at any given time. These manufacturers sometimes inject their own malware into Android systems. General Android security updates have to be rolled out across dozens of systems at one time. Sadly, Android manufacturers do not commonly send out these updates. iPhones don’t suffer from this fragmentation for the most part, but they are also a very closed environment. You can not replace the Messages app with your own SMS program. You also don’t have the choice of web browsers – they are all using Safari under the hood. This lack of choice forces you to blindly trust Apple to do the right thing with no way to verify.
Is there a way to know if a device has been compromised?
There are a few signs that may indicate your device has been compromised. Installed malware running in the background may drain your battery faster, make your phone warm to the touch, or run slower than usual. Any unfamiliar behavior such as unrecognizable text messages or browser pages could also indicate that your device has been infected.
What does it mean when an app uses location services and why might it be potentially a bad thing? Is there a safe way to use GPS when in new places?
Location services allows websites and apps to use your location information (depending on what wifi you’re connected to, the cell phone tower you’re closest to and the GPS sensor), to determine your location. It keeps track of your location throughout the day as long as you give permission, and this data can be correlated with network activity to uniquely identify you online.
The best way to stay safe is to turn off location services when you’re not actively using them. It will also save you some battery.
Does posting updates and photos on social media during a trip make us more vulnerable?
Most social media platforms give you the option to add your location to a photo. Tagging your location makes you immediately vulnerable, as your location is confirmed. Even simply captioning a photo with where you are on a trip, or that you’re on a trip, lets anyone know where you are located, how long you’ll be gone, and possibly where you live. Even worse, most tech giants are scanning all of your phones and videos to learn who is in the photos and where they were taken even if location services are turned off. Criminals with a simple search can find out the type of places you visit and when you’re not going to be home.