A Hacker-Level Guide to Staying Secure on the Go
Our top 7 cybersecurity tips for building road-worthy resilience
Disable wireless network comms on your devices, including Bluetooth, wireless, and NFC, among others. When you can reasonably manage being unplugged, consider switching your phone to airplane mode. Particularly in high-profile conferences or cybersecurity conferences (CISOs and security analysts, we’re talking to you), it’s best to assume that all of your communications are being intercepted. So consider using secure messaging apps such as Signal or a VPN to ensure uncompromised privacy.
Disable wireless network comms on your devices
Register & Catch us at Black Hat
Prep your gear
Don’t bring work laptops with sensitive work data or customer information without being sure you are rocking full-disk encryption with a super strong passphrase. Turn on all your firewalls, remove any port exceptions, and make sure your passwords are unguessable. Verify that you have Multi-Factor Authentication turned on everywhere. These are some strong basics that can change your security game before you ever arrive at your event.
Leave any non-critical devices at home
From your corporate key card to your e-reader, tablets, or even a smartwatch, consider all connected devices a security risk. Depending on where you’re traveling to, it may not be worth the risk. If in doubt, leave these items at home.
Think twice before joining a “FREE WIRELESS INTERNET!” hotspot
Free wireless hotspots are never convenient or useful enough to make up for the inherent security threat they pose. It’s wise to assume that someone can always man-in-the-middle your network connection – not to mention malicious connection/pairing requests. And as always, on any wireless network, avoid clicking on pop-ups or accepting self-signed SSL certs.
Update your devices
For whichever devices you’re bringing – be it tablets, PCs, or smartphones – it’s always a good idea to make sure they’re fully patched and updated with the latest security updates from the vendor.
Avoid scanning QR codes
Those mobile QR-code menus you’re seeing at hotel restaurants? Ask for a hard copy. Mobile QR code to review the event agenda? Have someone email you the PDF. While it may be a bit inconvenient or awkward to ask, this is especially important if you do not know the source of QR codes. And let’s be honest: how often do you really know the source? Just don’t risk it.
Ready for more insight on how to hack-proof with real Adversarial Testing takeaways? Download our latest white paper today.
Real talk: cushy hotels and exhibition floors can be some of the most hostile networks on the planet.
From the bright lights of Vegas to the bustling streets of New York City, business travel has its perks and thrills. But you know what isn’t very thrilling? Becoming a security statistic while attending meetings or traveling for work. From fake ATMs at security conferences to hotel computers running hacker operating systems, we’ve seen a thing or two and we’re here to tell you that cybersecurity maturity means business travel security.
Here are seven simple tips for keeping your personal and professional information under lock and key when you’re out and about.
Clean out your travel backpack
Those old business cards and airline tickets aren’t as harmless as you may think. Don’t leave documents like receipts, printouts, and other identifiable information laying around in your hotel room or belongings.
get started
Free Adversarial Testing White Paper
Register and Catch us at Black Hat
Free Adversarial Testing White Paper
A Hacker's Guide To Black hat and Def con
7 Cybersecurity Tips for Navigating an Event
Disable wireless network comms on your devices, including bluetooth, wireless, NFC, etc. Consider airplane mode on your phone, if you can manage being unplugged. If you must use your phone or other devices, assume all of your communications are being intercepted, so consider secure messaging apps such as Signal or a VPN to ensure your privacy is not compromised.
Disable wireless network comms on your devices
Register & Catch us at Black Hat
Prep your gear
Don’t bring work laptops with sensitive work data, customer information, etc. Make sure you are rocking full-disk encryption with a super strong passphrase. Turn on all your firewalls, remove any port exceptions. Make sure your passwords are unguessable. Verify that you have Multi-Factor Authentication turned on everywhere.
Leave any non-critical devices at home
This could include things like your corporate key card, smartwatches and tablets.
Think twice before joining a “FREE WIRELESS INTERNET!” hotspot
Avoid clicking on any pop-ups or accepting any self-signed SSL certs. Always assume someone can man-in-the-middle your network connection, and assume that any connection/pairing requests are malicious.
Update your devices
Be sure everything you bring is fully patched and updated with the latest security updates from the vendor.
Avoid scanning QR codes
This is especially true if you do not know the source of the codes!
They’ve been called some of the most hostile networks on the planet.
Networks like the ones at Black Hat and DEF CON serve thousands of the world’s greatest hackers and researchers. As longtime attendees of both Black Hat and DEF CON, we’ve seen some crazy stuff: fake ATMs, public computers running wireshark, malicious evil-twin wireless networks, hotel computers running hacker operating systems, blanket GPS spoofing, odd Bluetooth pairing requests and more!
That said, here are a few tips you can use to help keep yourself safe not just at Black Hat or DEF CON but any event.
Clean out your travel backpack
Don’t leave business cards, old airline tickets, or other identifiable information lying about.
get started
black hat session
def con session
Register and Catch us at Black Hat