Sounds like a great name for a mystery novel. In 2009, it was identified by security researchers as a new type of APT (active persistent threat) considered so sophisticated that it could be state-based espionage.
Online security is always a serious issue. Personal information and data are coveted by numerous sectors, beginning with global marketing giants, who already own oodles of information from tracking purchasing habits on loyalty cards.
Knowingly handing over information online is one thing, but having it scraped from your computer or your online properties without your knowledge by a nasty malware is a violation of your rights.
And reclaiming an obliterated online identity is extremely difficult. It’s not a simple matter of changing a few log-ins and passwords, it’s about recapturing all of your personal information.
The horror of losing an online identity was chronicled in 2012 by Wired Writer Mat Honan, who had his online identity compromised because someone wanted his Twitter handle – mat with a single‘t’. (Mat’s password incidentally was a sophisticated masterpiece of 17 characters (not just letters)
On the road, travelers become even more vulnerable. Not only are they away from the IT department, but out of synch with the usual security type habits. No traveler is completely immune, but knowing a few tips will make travel easier and safer.
ASSUME YOU’RE GOING TO BE HACKED
Such vigilance will increase your security IQ. And don’t let your guard down in friendly countries. Online espionage is everywhere.
UPDATE YOUR SECURITY SETTINGS BEFORE HITTING THE ROAD
This includes your anti-virus software. Install a firewall and use it. Back-up before leaving, and continue remotely backing-up through-out your trip.
Change your password and consider a two-step log-in protocol. Don’t feel overly safe with a fingerprint security system. Biometrics can also be hacked. This was proven by the Chaos Computer Club (CCC), which claimed in 2014 it had cloned the fingerprint of Germany’s Defence Minister.
Be cautious of all public Wi-Fi. Connect only to authentic hotspots, avoiding generic connections, , because they can be rogue hotspots. Sometimes these can be easily spotted because of their noticeably lower connection speeds. Consider creating a private hotspot using a personal smart phone.
Some hotel Wi-Fi systems are suspect as they are often maintained by a third-party. When the network becomes compromised so does the user, leaving the hotel in the classic man-in-the- middle position. Connecting via a secure networking protocol such as VPN (virtual private network) allows for more secure browsing.
Bottom line: If something is sensitive, simply don’t access it over a public Wi-Fi — unless you have encryption capabilities.
When traveling, leave your smart phone on airplane mode or simply turn it off. Checking the settings from time to time doesn’t hurt to ensure there hasn’t been an untimely reset. Keep in mind that airplane mode also blocks the ‘Find my Phone’ tools. Disable the Bluetooth device when not in use. Hackers can link to this kind of technology and gain access to your phone and your information.
Public iPads are just about everywhere and they are great for wiling away time, checking hockey scores or watching a video. But avoid checking your email or personal financial information because your log-in or PIN number can be easily scraped.
If your computer is very important to you, don’t leave it in your hotel room, leave it with hotel security.
LIMIT WHAT YOU TAKE
Travel with only what you need, and this applies to both data and devices. In most cases an iPad will do the trick. If a computer is a must, consider having a computer dedicated to travel, one that contains only the necessary apps and a minimal amount of data. After the trip ensure that it’s stripped and sterilized.
With all the threats that exist today, has travel become too dangerous for devices and data? Nay say the experts. Their solutions:, Vigilance and caution.
And Dark Hotel?
Dark Hotel was found lurking in the third-party Wi-Fi systems of busy hotels frequented by business executives. From there it was able to monitor all the online traffic in the hotel. When a user logged onto the hotel’s Wi-Fi system, they were asked to download a common software update such as Adobe Flash.
During the download, Dark Hotel unloaded not just a malware but a keystroke catcher that scraped all of the data off the device (computer or iPhone), including the login credentials of the user and all of the places visited. And if that’s not bad enough, Dark Hotel then deleted itself revealing no trace of infection, rendering it truly uber-sinister and cyber-dangerous.
Is it still out there? A quick Google search reveals many posts as late as November 2014 suggesting that Dark Hotel is still a threat. What’s even more disconcerting is that the next NEW type of virus is likely is likely to be even more pernicious.