I spent a month travelling abroad last year one of my primary concerns before starting my travels was to remain as secure and as private as possible while travelling, as you know separated from your regular routine and habits can impact your decision making process especially when you are far from home and passing though countries where people may not speak your language.
this article is summary of all the main tactics and techniques I used to stay as Cyber Safe as Possible while travelling abroad.
Use a VPN
When travelling you may not know so much about where you are staying, particular if you are staying in Airbnb's like I was its always a good idea to take a few measures to secure yourself incase there are other snoopers nearby as you never know who may be watching.
I have a huge issue with VPN providers as often just like snoopers on wifi networks VPN providers may also be snoopers in disguise. The safest option is to spin up your own if you want to learn how head over to one of my old posts "In 2017 only losers pay for VPN's"
Don't Trust USB connections
Do you often plug your USB charging devices into charging stations or power stations? If you do you should stop immediately. Charging stations or plugging your PC into random devices an open you up to the threat of sophisticated malware installing itself on your device.
For traveling abroad you should take your own power source or charging facilities with you if you cant or don't want to carry extra gear take one the best devices possible to ensure your safety a USB Condom.
A USB condom essentially blocks the data pins in a usb port and only allows the power pins to connect through to the USB cable. This physical blocking ensures that no malware can silently slip onto your device while charging therefore making this a must have travel device.
Take a Travel Machine
I normally of the majority of my work (including writing for this blog) on a MacBook Pro. It's great and I really enjoy working on it. There is only 2 major drawbacks with taking it on extended trips:
- It's Super expensive and normally travel insurance just falls short of the total amount covering it so if something happens thats it.
- the 15 inch screen makes it a rather large travel item.
So my recommendation to everybody would be to take a small compact "Travel Machine" for my trip I ended up settling on the "Xiaomi Mi book air" which I bought from AliExpress.com. I was a little sceptical of using Xiaomi products but I made sure to wipe the machine a few consecutive times and move away from the preinstalled Windows 10 setup and move to a Linux flavour that gave me a greater control of the machine and hardware settings.
The laptop has a 12.5" version its small, light and has great battery life. best of all if I loose it its encrypted and I don't really care as much as loosing my everyday laptop.
Carry some "extra" tooling
It never hurts to be prepared. If you can take a few "extra" tools why not. What I took abroad with me was an android phone with Kali NetHunter installed as well as a few additional wifi adapters. I primarily used this for examining the wifi networks I was connected to as an extra precaution to make sure there weren't any extra devices hooked up to the network e.g. network camera's snooping on me in the airbnb's I stayed at.
Don't ever connect to Public Wifi
Like many tips for staying "Cybersafe" most of them are just common sense and good practice, like this one. You shouldn't ever connect to public wifi ever, never ever. If your still undecided I plan on putting a technical post to show you exactly why this is a bad idea. Watch this space.
Don't ever connect to Hotel Wifi
Hotel wifi is basically the same thing as public wifi with one difference you pay exorbitant rates for the privilege of using it. Never ever connect to hotel wifi.
Verify payment gateways
In Europe when trying to make a credit card payment you get hit with a weird payment gateway screen that was probably created sometime back in the early 2000's or at least looks like it was.
My advice here is to always double check the certificates and possibly verify these with research or calling your financial institution. You can never be to cautious.
Pay in cash where possible
Incase you don't even want to risk using a payment gateway, pay in cash always. This keeps you cybersafe by eliminating the financial aspect of your online overseas footprint completely.
This one is a no brainer setup 2FA on all apps and sites you are concerned with protection or are "high value" to yourself.
The only problem with 2FA which I discovered quite early on in my journey is make sure its not 2FA over SMS as if you are using a different phone number this option won't work. Instead look if you can use an alternate form of 2FA e.g. google authenticator or in app notifications.
Carry a Travel Phone
Worried about getting your primary phone compromised? The easy solution is to get a travel phone. you should be able to pick up a device with the latest version of Android for a relatively cheap price (~$50 USD). At such a low price you can even throw it away when your trip is over.
Buy a Travel Modem / Router
So we have already establish hotel wifi and free wifi are bad ideas. So is there a better one? Sure there is! Buy a mobile broadband router that way you can take it with you on your travels and its easier to police and audit who is using it.
Password Protect and Encrypt everything
This one is simple. You may often travel to places where your rights or other peoples rights are not exactly priority for the governments or people in charge of security as such common responses to certain situations may not be comfortable with you.
So if you really want to be Cybersafe do the following:
- Enable the passwords / passkeys on everything you take with you.
- Use encrytion on everything / encrypt everything.
Often the above to activities may be enough to keep you cybersafe if you cant adhere to 1 of the other controls.
As you may have already determined by reading this article most of these tools and tactics are common sense practices that you don't necessarily have to be traveling to adhere to. As always be smart if something seems too risky online or with devices make sure you take adequate measures to protect yourself.
More technically themed posts are coming soon - thank you to everybody has reached out requesting more tutorials!
Until Next Time!
The Security Sleuth