Derreck Jason, Negosentro | Traveling business people traveling staying at top international hotels are attractive potential victims for cyber-criminals to steal confidential data in an attack known as the Dark Hotel.
Dark Hotel is a targeted spear-phishing spyware and malware-spreading campaign that commonly attacks business hotel visitors through the unsecured hotel’s in-house Wi-Fi networks. Once a hotel network is infected with DarkHotel, the malware attempts to compromise guests’ computers when they log on to the hotel’s Internet service over Wi-Fi or via Ethernet.
So what security actions should you take to curtail the chance of your computers being compromised and confidential data being stolen? A wiser resort is the use of a VPN or Virtual Private Network that allows web users to create a secure and protected connection to another network over the Internet. And here are some ways to secure your business while traveling.
Update your software before you travel
Dark Hotel uses zero-day exploits to attack machines by taking advantage of the flaw or vulnerabilities which were not previously identified by the owner and for which no know security updates existed.
These zero-day exploits are known vulnerabilities in commonly installed software like Windows or Adobe Reader before the software updates to get rid of such vulnerabilities. Hence, regularly updating your software is one of the security best practices.
Generally, as Dark Hotel proved, downloading and installing software from an alien network is not a good idea. Therefore, if there’s a prompt for a security update while you are traveling, a tricky decision has to be done as to whether to risk the update download from an alien network or to continue using an unpatched software.
Always use a VPN
Whenever you are using public Internet connections like those free Wi-Fi at airports, hotels, or conference centers, your data like your usernames and passwords and even the contents of email and documents you send can be captured and read somewhat easy unless it is encrypted.
Though there are some websites and email services that utilize https and display a locked padlock in your browser, still, using Virtual Private Network like VPNDada.com to encrypt all traffic coming and going from your computer offers a more secure transaction over the Internet.
Bonus tip: If you’re traveling in China, there are some websites like Facebook and Google that are blocked. You need to use a VPN in order to unblock those sites. You should also consider those VPNs working well in China.
Only connect to Wi-Fi services with passwords
Wi-Fi services with no passwords are very insecure thus, you should only use this as your last resort, together with a VPN. Meanwhile, Wi-Fi services that require a password, though everyone knows the password, provides protection by encrypting the wireless part of the connection.
As this kind of encryption only affects the data in transit over the wireless network, but no further, it still wiser to use a VPN to safeguard your data for the rest of its journey over the internet.
Never trust public computers
Public computers such as those in the hotel business centers and Internet lounges shall never be trusted. You would not be able to identify if a keylogger has been mounted to capture your keystrokes as you type. Those computers should only be used to visit public information websites and never for business purposes.
Use your cellular data connection
Connecting your laptop to a travel router that plugs into an Ethernet jack is a lot way safer to protect your data from malicious users connected to the same hotel internet connection.
A firewall installed as software in a computer can be disabled by viruses and other malicious software thus, using a travel router like TP-Link AC1900 acts as a very effective hardware firewall that can isolate your computer from other users on the network.
Keep your gadgets and things secured
Avoid leaving your gadgets unattended in a hotel while you are traveling. Always observe these sensible precautions:
- Set up a login password and require the re-entry of this password after a relatively short idle period.
- Disable booting from CD or USB drive in the BIOS to prevent hackers bypassing a login password. And set a BIOS password to prevent its setting being changed.
- Encrypt a hard drive with a utility like MS BitLocker, Symantec, Win Magic, Intel/McAfee.
- Use a locking cable to prevent a thief from easily removing your laptop from a hotel room.
Think of worst things that can happen
When you are always thinking about the worst things that could happen on your accounts, you will be more conscious and the more you’ll think about your security and privacy.