Be aware of cyber security when you travel...

IMG_3342.JPG

A lot (roughly 10, 000) of HP's employees, customers, and partners are attending HP Discover 2013 in Barcelona this week, including myself. Before traveling for HP, we always receive news of any potential security threats. For Barcelona, that included a warning to be on the lookout for petty thieves (always a good warning in any urban environment, and also probably explains why I've walked everywhere with my hands in my pockets). Pickpockets in Barcelona have been known to use a variety of clever methods to fleece their victims, including the 'here, let me get that stain on your shirt' to 'you've got a flat tire, let me help' routines.

 

However, it’s not just the petty thieves in Barcelona who are creative.  In September, a touring poker pro experienced that personally when he returned to his hotel room only to find his laptop missing. He immediately left his room to notify the proper personnel. The curious part is that when he returned to his room, so had the laptop. If not for troubles and delays in booting it afterwards (OK, and a complete lack of wonder at a laptop that had learned how to teleport), he might have continued using it with horrible consequences for his bank account and tournament standings. Luckily for him, he didn’t trust it and with the help of security professionals, discovered that a remote access Trojan had been installed on his system that would have let remote attackers see what was on his screen at any given moment. For normal people, that would be bad enough, but for an online poker player it would have been disastrous.

 

I recently wrote about how we're going to see more focused attempts at using physical means to install malicious software on systems. This attempt illustrates that point, and then some. By utilizing readily available public information about the player's travel schedule and knowledge of when he was playing (and therefore, wouldn't be in his room), the thieves pinpointed their target with a precision that’s (for lack of a better word) frightening. In fact, there’s a marketplace for these profiles that allow attackers to hone and target their attacks in ways that in the past was only seen in movies.  This new exploit aimed at gamblers has been dubbed ‘sharking’. I fear that soon we’ll need the equivalent name for when this happens to corporate employees. Because in this day and age, one infected system can be enough to bring down a network. And that's a prize that for many is worth the risk.

 

In the world of networking and software, sometimes it’s simply not feasible to install the latest patches, which more often than not leads to security vulnerabilities being left open. The same goes for hotels and replacing all their room entry systems.  So be aware when you travel that it’s not only your passports and pockets that need to be protected …it’s also your laptops.   

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation