We are all dependent on portable devices for our work and our social lives. Using them in public settings, especially airports, planes and trains provides the perfect opportunity for criminals to access your information – and they don’t even need your passwords. Recent trips of mine have confirmed how the best cyber security arrangements count for once employees leave their taxis and enter airports to get on planes.
As restrictions are starting to relax, we are seeing commuting for both work and personal reasons start to increase again. After two years of working from home, people are seizing the opportunity for face-to-face meetings with clients, peers and employees.
Working from home has seen its own privacy challenges with more people using their own networks and devices that are typically outside the company’s firewall. We saw an increased number of fraudulent activities from identity theft, hacking accounts and phishing – the list goes on.
The restart of business travel brings with it the privacy challenges of using portable devices on the move.
It is important to know the modus operandi for how perpetrators access your information.
Information theft usually occurs out of sight. It will happen outside of your peripheral view. Due to most people’s lack of interest in the environment around them, for example on a plane, they can be particularly vulnerable.
As soon as businesspeople start traveling, perpetrators have easier access to you and the information you are carrying. One method is via social engineering (malicious activities accomplished through human interactions) and another is from observing your screen and perhaps utilising some type of surveillance method (video, imagery, eavesdropping).
Things become more interesting as soon as two or more people from a company travel together. They inevitably openly discuss work, share documents and other information in the cabin. For those sitting close, it is almost impossible not to learn sensitive information. Just think of your last flight, I bet you inadvertently found yourself listening to a work conversation or watching someone working on a laptop.
I see corporations spend tremendous amounts of money on the technical and mechanical protection of company information (cyber security), while neglecting one of oldest and best field-tested form of intelligence gathering operations – human intelligence.
If you couple social engineering, which occurs way more than you realise, together with a lack of employee training, education and preventative methods, there is no doubt in my mind that working at an airport, on a plane, train or bus will be a heightened focus for perpetrators.
After all, if information theft occurs on plane or at an airport, it is most likely to never be discovered or investigated. Most importantly corporations will not know how to implement processes to
protect data when they do not know how it has been compromised. In these environments, perpetrators do not need your password, after all you are willingly sharing your screen and having conversations/calls about sensitive information.
Recent trips of mine just confirmed how few prevention techniques are being followed once employees happily leave their taxis at the airport and move through onto the aeroplane. The investigation of information theft is a difficult and costly process. You should be your own strongest link by being more aware of your environment and being your own human firewall to prevent information theft.
This post was written by Mario Bekes