Evaluating Cyber and Physical Risks During International Travel
Whether for business or pleasure, international travel can present various cyber and physical risks. Unfortunately, the precarious state of the geopolitical and threat landscape has increased some of these risks, yielding widespread concern and uncertainty among those seeking to travel safely and securely. Given that certain threats may be particularly damaging not only to individual travelers but also to their associated organizations and even stakeholders, recognizing these threats and the risks they may pose is paramount to ensuring physical safety and safeguarding critical personal and business-related data.
The threat of cybercrime resulting in the loss of critical business data is an increasing and accompanying risk inherent to international travel. While cybercriminals have been known to target specific individuals and organizations, most attacks are random, indiscriminate, and motivated by financial gain. Typically, it does not matter who the victim is nor where they are employed — only that their victimization results in illicit wealth.
Cybercrime may occur more frequently during densely-populated, high-profile events. Environments such as those surrounding international business conferences, academic symposiums, political conventions, trade and finance exchanges, and highly-marketed sporting events all present opportunistic cybercriminals with a grand venue in which to conduct malicious attacks. Mobile electronic devices are especially desirable targets because they may contain high-value personal, financial, and/or business data that has the potential to support various fraud schemes and yield handsome payouts when sold on underground marketplaces. Some cybercriminals have been known to sell corporate data and trade secrets to competitors or even nation states seeking an increased market share, a favored economic and/or geopolitical advantage, or even to bolster military capabilities.
It is crucial for all travelers to be cautious when connecting their devices to wireless networks, as creating fake internet Wifi access points or exploiting legitimate-but-unsecured access are common tactics among cybercriminals. While staying connected is often considered prerequisite during business travel, using unsecured Wifi networks to conduct sensitive business communications or transmit confidential attachments can play into the hands of threat actors. Network compromises may enable cybercriminals to deliver attacks, manipulate connected network traffic, or gain access to users’ sensitive data. Business travelers who engage in lax operational security practices are considered increasingly-accessible and information-rich targets.
In addition to being wary of public WiFi access points, travelers should recognize that many popular (and often luxury) hotels’ networks have previously been targeted by cybercriminals as a means of compromising network-connected devices. Indeed, the long history of “Dark Hotel” cyber activity, dubbed as such due to its tendency to target victims through hotel networks, serves as a prime example. And as cybercriminals have come to recognize that sponsors of major events may invite high-profile guests and conduct business meetings at hotels within the event’s vicinity, high-level executives may be especially vulnerable targets not only when attending events but also when spending time within the confines of their hotels. Indeed, many “Dark Hotel” attacks were highly-targeted specifically against traveling corporate C-level and other senior executives.
Similar to cybercrime, high-profile public events have also been known to facilitate hacktivist activity — particularly among actors and groups seeking widespread attention during times of social, economic, or geopolitical unrest. Indeed, hacktivism surrounding the 2016 Rio Olympic Games serves as a case in point; the grand event provided hacktivist groups like Anonymous Brazil with increased social and mainstream media attention. In the months leading up the olympics, Anonymous Brazil launched the #OpOlympicHacking campaign on Twitter not only to protest the games but also to demonstrate that their motivations were deeply-rooted in their perception of corruption and discontent over perceived misallocation of resources within the Brazilian government.
In order to gain notoriety and further their causes, many hacktivist groups have historically dictated major events and the companies that support them as targets of malicious cyber activity. It’s important to recognize that although events such as the Rio Olympics often draw physical protests and an abundance media attention that may embolden hacktivist groups, many of these groups lack the skills and sophistication required to yield damages beyond those associated with negative social media posturing.
It should come as no surprise that the threat of terrorism requires consideration for those with plans to travel internationally. Further, this threat may be amplified for those attending popular public events, which offer densely-populated environments where the victimization of mass casualties would serve as a force multiplier for terrorists’ ideological causes. Although the vast majority of threats posed by terrorist groups and their supporters fail to materialize, some threats and related propaganda can serve as potential indicators of regions, events, or targets that may be more susceptible to terrorist activity.
However, as terrorist groups such as ISIS often leverage numerous cyber outlets ranging from private Deep & Dark Web forums and the encrypted social media app Telegram to Twitter to both incite and publicize intentions to launch terror attacks, it can be exceptionally difficult to decipher the very few true threats from the empty ones among the vast amounts of cyber chatter and distracting noise. As such, individuals and organizations with business or political interests located in regions with ties to terrorism and/or pertaining to high-profile public events should consider working with reputable third-party vendors to gain additional visibility into both the cyber and physical terrorist threat landscapes.
Whether motivated by financial, ideological, or political gain, cybercriminals, hacktivists, terrorists, and other malicious actors continue to recognize international travelers as desirable and often high-value targets. Unfortunately, certain risks will always be inherent to international travel, some of which may have consequences not only for individuals but also for their associated organizations and stakeholders. As such, it is crucial for travelers to recognize that lax operational security practices and insufficient security awareness have the potential to yield damages that extend far beyond the compromise of their own physical safety, personal devices, and/or sensitive information. Above all else, attaining a comprehensive awareness of the cyber and physical threat landscape surrounding relevant destinations and events can help travelers become better prepared to address and mitigate these risks.