Taking a laissez-faire approach to security while on a business trip is a great way to give a hacker backdoor access to your company’s information
Last November, security software firm Kaspersky Labs revealed in a report that an industrial espionage campaign has been ongoing since 2009 it dubbed “Darkhotel.” In essence, specific executives are being spied upon while overseas at the hotels they were staying at whenever an executive logged on to the hotel’s Wi-Fi network. These cybercriminals aren’t just spying on anyone; they’re tracking specific executives, some of whom work for technology companies, government agencies, or government contractors.
As soon as an executive uses their notebook computer to log on to the hotel’s Wi-Fi, cybercriminals break into the executives’ notebook and place malware on it.
It’s very easy to do. Typically, most hotels, even five-star hotels, don’t have rigorous security measures set up on their Wi-Fi networks. And once you connect to that Wi-Fi as a guest, it’s simple for a hacker to dump Trojans or spyware on your computer.
It begs the question why these corporate executives aren’t using a wireless hotspot provided by the companies they work for? Wireless hotspots provide a certain level of security by way of encryption with the latest software to protect one’s online communications.
As Kaspersky Labs noted in its report, what’s unusual about these attacks is the hackers know the names of the executives they’re tracking. They know when they’re going to be checking in to a hotel, what room they’re staying in, and as soon as they go online via the hotel’s complimentary Wi-Fi, they hijack that computer and start implanting malicious software on it.
How do these cybercriminals know whom to target? It’s possible they’ve already hacked their way in to the executive’s assistant’s computer to gain access to the executive’s calendar, and therefore, they know their itinerary in advance.
When these executives return home and plug their computers back into their corporate networks, the hijacked computers can now be used to gather mission critical, sensitive data.
Imagine if you’re a technology executive with access to data on your corporate network that might contain government projects and developments. Taking a laissez-faire approach to security is a great way to give a hacker backdoor access to your company’s information.
Whenever I travel abroad, I use either my mobile phone as a hotspot and stay off the hotel’s Wi-Fi, or if I do connect to the hotel’s Wi-Fi, I always do so via a virtual private network (VPN) back to the office to ensure all of my communications are encrypted.
When traveling outside of the U.S., use a VPN if you’re going to access a hotel’s complimentary Wi-Fi, or get a wireless jetpack and use that instead.
Want to learn more about how to protect your business’s data while traveling? Give us a call at 866-784-8326 or email us at [email protected]. Alvarez Technology Group is the leading IT consulting firm for computer and business IT support throughout Monterey, Salinas, and the Bay Area.
