May 25, 2021
Good morning, everyone!
This week’s critical vulnerabilities:
Patch All the Things! |
The Cyber Security Dangers of Travel
Ahhh, vacations are wonderful things, aren’t they? I just got back from the best vacation I’ve had in many years. I’m feeling relaxed and refreshed and ready to take on the challenges remaining in 2021!
Of course, you know my brain never stops (thinking about cyber security), so even on vacation, I kept looking around and seeing little reminders about how important it is to stay aware, even when on vacation. A few things to avoid while traveling:
Business Conference Centers
Ugh, I know this will be unpopular, but honestly, if I were a cyber criminal, I would definitely infect all those computers with malware, and the printers too. (HP says so. Printers get hacked all the time.) Think of shared devices like this as public toilets – but no one is cleaning them! Bring your own laptop or tablet, and a small portable printer if you’ll need to print anything.
Hotel WiFi
I know many of you have heard me talk about the dangers of public wifi. This includes ANY public wifi, not just at coffee shops and department stores. Did you know that Hackers Target Hotel Wi-Fi? Yep:
A group of hackers known as “DarkHotel” have perfected the act of targeting high profile guests (CEOs, senior vice presidents, sales and marketing directors) staying in well-known hotels. […] To perfectly execute the attack, these sophisticated attackers will lurk on the hotel’s network for days leading up to the target’s check-in, upload their malware before the guest arrives, and delete it days after their departure to clear any trace of the attack.
It’s another well-known tactic for cyber criminals to install fake wifi hotspots in hotel rooms, hiding them in dropped ceiling tiles and closet shelves that are rarely used. They set them up to look exactly like the hotel wifi, and you connect with the fake replacement without realizing it. Why is this dangerous? Well, “we took a hacker to a cafe”
We took a hacker to a café and, in 20 minutes, he knew where everyone else was born, what schools they attended, and the last five things they googled.
Seriously, that story is worth a read. It’s good stuff. So, stay off public wifi! Stay on the cellular network. Use the hotspot on your phone or tablet to power your laptop. Why is the cellular network safer? Several reasons:
- It’s pretty cheap (around $30) and easy to impersonate a wifi hotspot, but more difficult and expensive to impersonate a cell tower (and highly illegal).
- The phone companies are serious about keeping anyone from getting free data!!!! They monitor their networks closely and will quickly find (and shut down) rogue devices.
USB Charging Stations
Have you noticed that USB charging stations are everywhere now? Airport lounges, restaurant waiting areas, and even in the base of the lamp in my most recent hotel room! Why is this problem? Juice Jacking:
You’ve heard of credit card skimming at the gas pump, right? This is the mobile tech equivalent. What might seem like a benign, generic USB port or charging cable may be attached to a tiny device that installs malware on your phone, or worse, steals data off of your phone.
How do you protect yourself? Carry your own charger with you, and use only standard electric outlets to charge, not a USB outlet. Or carry around a USB condom. Yep, that’s a thing.
I didn’t exactly take my vacation early this year so that I could warn all of you before you leave for your own … but it seems to have worked out that way!
Stay safe – and ALERT-- on your travels this year!
Remember, you can read past editions of this newsletter on our website, along with tons more information under the Resources tab.
Talk to you again soon!
Glenda R. Snodgrass
grs@theneteffect.com
(251) 433-0196 x107
https://www.theneteffect.com
For information security news & tips, follow me!
Security Awareness Training Goes Live Again!
Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Thankfully, live training is making a comeback! So wherever you and your employees may be, I can deliver a fun and informative training session in whatever format you prefer.
Contact me to schedule your employee training sessions. They're fun! ☺
TNE. Cybersecurity. Possible.
Speak with an ExpertHave Cyber Security News & Tips delivered weekly to your inbox.
Get Instant AccessContact
The Net Effect, L.L.C.
|
Resources
CMMC Newsletter Whitepapers Articles Videos Interviews |