On a trip – whether for business or vacation – it's easy to overlook the safety precautions you take at home. According to its experts Kaspersky Lab, there are specific and simple things that everyone can do to make sure that a hotel's Wi-Fi access is secure, or that they are secure when purchasing tickets online.
In addition, there are simple solutions even if your device is lost or stolen.
Some hotels, restaurants or business centers sometimes offer free tablets to their guests. As they work on these devices, users tend to leave many private information that could potentially be used by digital criminals. No one can know if a keylogger or other malware is installed on these devices and intercept keystrokes, such as connection details.
These devices, according to Kaspersky, should only be used for visits to informative websites and never for online shopping or business purposes, such as editing documents or linking to sites that require a password.
2014, Kaspersky Lab published information about the targeted Dark Hotel campaign, which used a number of effective tactics to invade hotel networks, even on systems that were considered private and secure.
Digital criminals waited for their victims to connect to the hotel's Wi-Fi network. They then blurred the candidate targets, who "folded" and installed a backdoor, which was supposed to be an updated version of a legitimate software.
As soon as the backdoor entered the system, according to Kaspersky, it "downloaded" in turn the most advanced tools for data collection, intercepted all keystrokes and searched for temporarily stored passwords in browsers and other personal information.
In any case, the software must always be up to date. However, if the update needs to be done during a trip, download updates should be made directly from the official sites of the providers.
If your computer displays messages informing you that software updates should be made, users should not click a random button to download and install an update as "update" could turn out to be malware.
If sensitive information is to be used, users should use one secure connection. In general, it is advisable to avoid the use of public Wi-Fi networks, especially if the network is not password protected as hackers can set up Wi-Fi hotspots in public places (eg airports) to intercept data .
Often, these hotspots have a name that seems to belong to an official body according to Kaspersky. For this reason, it is useful to confirm the exact name of the legitimate Wi-Fi service each time.
Additionally, it is recommended to use password-protected networks. Even if the Wi-Fi code is freely available availableς σε όλους, εξακολουθεί να παρέχει protection. This is because this shared code is used to generate unique keys for each user, so that users' data cannot be decrypted by anyone else, even if they know their Wi-Fi password.
In case online markets according to Kaspersky (eg tickets for a show or hotel reservation), it is good for every user:
- Verify that the service you are using is secure (see green padlock, encrypted linkHTTPS).
- Have a dynamic antivirus program with built-in safe money
- Να διαθέτει ένα μοναδικό κωδικό πρόσβασης για κάθε έναν από τους λογαριασμούς του και εφαρμόζει κάποια μορφή ελέγχου ταυτότητας δύο παραγόντων σε όποια ιστοσελίδα κι αν χρησιμοποιεί. Θα πρέπει, δηλαδή, να επιβεβαιώνει οποιεσδήποτε συνδέσεις μέσω SMS ή ενός email με base τον κωδικό ασφαλείας. Αν κάποιος χρήστης λάβει ειδοποίηση πιστοποίησης δύο παραγόντων όταν δεν προσπαθεί να συνδεθεί με ένα σύστημα, αυτό είναι μια πολύ καλή ένδειξη ότι θα πρέπει να γίνει σάρωση ασφαλείας στον υπολογιστή κι ότι θα πρέπει να εισαχθεί ένας νέος κωδικός πρόσβασης (γιατί αυτό σημαίνει πιθανότατα ότι κάποιος έχει στα χέρια του τον κωδικό πρόσβασής και προσπαθεί να μπει στο λογαριασμό).
- Use a kind of transaction guarantor (eg 3D Secure or Verified-by-Visa) that requires a one-time passcode to be entered before a transaction is completed.
Beyond that, attention should also be paid to physical security, as data can be compromised every time someone leaves their computer unattended while traveling.
Devices may be lost or stolen. Thus, reasonable precautions include setting a password if one does not already exist - although this only offers a low level of protection, as it is required to enter a code each time after a relatively short period of inactivity.
Also, it's a good idea to disable booting from a CD or USB drive in the BIOS so hackers can't bypass the password. After that, users should set BIOS password to prevent possible changes to BIOS settings.
It is also good for users to take preventive measures and become familiar with anti-theft functions and solutions.
Για παράδειγμα, η δωρεάν εφαρμογή Kaspersky Phound! για smartphones ή tablets, καθώς και τα καταναλωτικά προϊόντα της Kaspersky Lab, όπως το Kaspersky Internet Security - Multi-Device can contribute with a number of features such as locating the device on the map using GPS, GSM or Wi-Fi networks, activating the Alarm function that continues until the owner has entered a secret code or even removing all personal data.
"Many people today travel with smartphones, laptops and laptops tabletsor using equipment provided on the trip. When you quickly make your suitcase for a trip, when you are at a hotel or an airport, it's easy to overlook even the simplest security measures, such as backing up or encrypting vital business data.
Then, there are threats such as the loss of passwords or "infection" by digital criminals through unreliable public payloads using a USB connection. You should take precautions on your travels just as you would at home, said Stefan Tanase, Senior Security Researcher of Kaspersky Lab's Worldwide Research and Analysis Group.
