Travel data is at risk for many travelers for both leisure and business.  A new survey conducted by Morning Consult on behalf of IBM Security1 reveals that travelers are still quite naïve regarding cyber risks they face while traveling.  The survey found that only 40 percent of respondents believed it was likely they would be targeted for cybercrime while traveling, yet 70 percent are engaging in high-risk behaviors while on the road.[1]

Attacks in the travel and transportation sectors are drastically increasing.  According to the 2019 IBM X-Force Threat Intelligence Index, the transportation industry has become a priority target for cybercriminals as the second-most attacked industry, up from tenth in 2017, and attracting 13 percent of observed attacks.  Since January 2018, 566 million records from the travel and transportation industry have been leaked or compromised in publicly reported breaches.  This not accounting for those many companies have kept quiet.[2]

Traveling in the Cyber World

Traveling can make individuals more vulnerable to security threats than they are sitting at home.  People tend to be distracted and overwhelmed while traveling and often choose convenience over cyber security.  In the safety and security of their residence, many have safeguards like controlling physical access to devices and setting up firewalls to prevent digital intrusions.  But with meeting travel deadlines and the quick pace of traveling, they become much more exposed.  More than 70% of Americans surveyed have connected to public Wi-Fi, charged a device using a public USB station, or enabled auto-connect on their devices which puts their information at risk.

Business travelers are even more likely to engage in risky behaviors. Nearly half (45%) of business travelers carry a device with valuable or sensitive information on it, yet business travelers admitted much more frequently to risky behaviors such as:

  • Connecting to public Wi-Fi—42% of business travelers do this every time or very often vs. 34% for personal travelers do this every time or very often
  • Charging a device using a public USB station—40% of business travelers do this every time or very often vs. 28% of personal travelers do this every time or very often
  • Enabling auto-connect on their devices—39% of business travelers do this every time or very often vs. 30% of personal travelers do this every time or very often

Travelers are acutely aware of the risks to their financial information with more than half of those surveyed saying that they are extremely or very concerned that their credit card (53%) or other sensitive digital information (52%) will get stolen when traveling.  That number drops significantly when people are not traveling, with only 40 percent similarly concerned that financial information will be stolen at home and 41 percent that their digital information will be stolen at home.

Understanding the cyber threats while training must be the first understanding and acceptance.  Taking precautions is the next step.  Cyber bad actors are drawn to the travel industry because of the wealth of data it holds and the economic value it drives.  According to the US Travel Association, travel is a profitable industry, with travelers spending $1.1 trillion in 2018 and supporting 15.7 million jobs in the US. 

Cyber travel recommendations: 

  • Monitor Loyalty Rewards: Your loyalty information and rewards are as good as cash to cybercriminals. Monitor accounts for unusual activity, use strong passwords, set up multifactor authentication where possible.
  • Choose Your Wi-Fi With Care: It's easy for cybercriminals to host Wi-Fi networks in public places to collect data such as credit card information and more. Even legitimate networks hosted by establishments can be open to digital eavesdropping. Avoid public networks if you can; and consider using a VPN for additional security.
  • Bring A Backup Battery: Free USB power charging stations may come with a cost you can't see. Cybercriminals can modify USB connections to download data from your phone or install malware without your knowledge. Instead, bring your own battery bank to recharge your phone when you're low or use traditional wall plugs instead of USB ports.
  • Turn Off Unneeded Connectivity: If you don't need it, turn it off. This includes Wi-Fi, Bluetooth, and auto-connecting to networks.
  • Shred Your Tickets: The little scraps of paper from your tickets, boarding pass, luggage tag, or hotel folio may seem useless and harmless after you complete your trip, but savvy criminals can gather a lot of information about your loyalty rewards program from them. Be sure to save them until you can destroy them appropriately by shredding.
  • Be Smart When Paying: Don't use your debit card at stores or restaurants that may not have the security to protect their point-of-sale systems. If you use an ATM, select one inside a bank branch or inside an airport, where the chance of tampering or skimmers on the ATM is reduced.

 

To learn more about travel and transportation security go to: https://www.ibm.com/security/industry/travel-transportation

The full Morning Consult survey results are available here: https://www.ibm.com/downloads/cas/ZP95XZ6O  

Wapack Labs is located in New Boston, NH.  We are a Cyber Threat Analysis and Intelligence Service organization.  For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com    

[1]https://finance.yahoo.com/news/ibm-security-cybersecurity-threats-growing-100000587.html

[2] https://newsroom.ibm.com/2019-02-26-IBM-X-Force-Report-Ransomware-Doesnt-Pay-in-2018-as-Cybercriminals-Turn-to-Cryptojacking-for-Profit

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!