The world’s biggest gathering of A-listers might be the world’s biggest watering hole for hackers. If you’re going, here are a few tips to protect yourself.
Across the world, the turning of the New Year is marked with champagne, fireworks and festivities. But for many movers and shakers in the worlds of business, technology, philanthropy and finance, January means one thing: the World Economic Forum’s Annual Meeting in Davos.
Alas, sophisticated hackers are interested in Davos too. In fact, they have a name for the event and others like it. They’re called “watering holes.” If that name conjures images of zebra and gazelle sipping nervously from a muddy puddle, you’re on the right track. Watering holes are locations - both virtual and physical - where prey gather. In the case of Davos, the prey are the dizzying array of the world’s top executives, political leaders and thinkers who come to discuss, debate, eat, drink and surf (the Internet).
So, if you’re going to be visiting at Davos come January - congratulations! But - to paraphrase the movie Fight Club - remember that the first rule of Davos is ‘don’t get hacked at Davos’. To help you keep the bad guys at arm’s length, here are a few useful tips to follow to keep your Davos adventure private and secure.
First - Isolate your data.
It’s not just hardware that you need to worry about while attending a high profile, high-value event like Davos. If you’re a working professional these days, most of your important data lives in the cloud. So even if you’ve decided to use an extra “burner phone,” it doesn’t do you much good if you access a corporate email account or social media account from a burner device if the end result is the same: that sensitive account getting compromised.
The solution: enable two-step verification account access for all your platforms and accounts, and consider setting-up one-time email, voice (Skype, Google Voice) and social media accounts for your trip and then let trusted contacts know that you’ll be communicating from them on the road. Consider not connecting to any of your real accounts. Then, once your trip is over, delete or suspend the accounts. This is a challenge, to be sure. But, by isolating your exposure that way you can at least limit the damage from an account compromise to a very shallow pool of data.
Second - Keep it light.
A conference like Davos is invaluable for networking and business development, but you really never know who is listening or how they’re doing it. Davos is probably not the time to get on the phone to delve into the details of your company’s big acquisition, the breakthrough in the lab, this quarter’s numbers or your product roadmap. Maximize the value of the so-called “Magic Mountain” by keeping your focus on what’s going on in Davos and keeping the communications back to corporate both sparse and terse.
Third - Secure every connection.
You’re not going to be able to stay offline at Davos - that much is sure. Whether it is messaging between sessions at the “Congress Centre”, browsing the Web while at one of the numerous lounges, or checking your emails back in your hotel, you will need to go online often. That’s why, in addition to considering using burner devices and one-time accounts, you’re going to want to secure every connection you will be using to access the Internet. You can do this by using a Virtual Private Network (VPN) to create a secure tunnel for any Internet traffic to and from your device, protecting it from prying eyes on the public Wi-Fi or elsewhere. Before you go, make sure you have chosen and installed a respected VPN and tested it in conjunction with any sites and services you intend to use on site at Davos. Doing so could mean the difference between staying safe (and private) and becoming a victim.
Following these steps won’t necessarily keep you from getting attacked and even hacked at a high-level watering hole. Attacks and attackers are clever and unpredictable. What they will do is help to isolate any attack on you and greatly limit the damage and fallout resulting from that attack.
David Gorodyansky is co-founder and CEO of Anchor Free, Inc., the creators Hotspot Shield VPN, the most widely used online privacy and security app in the world. Mark V. Vlasic is an Adjunct Professor of Law and Senior Fellow at Georgetown University’s Institute for Law, Science and Global Security, and leads the international practice and Madison Law and Strategy Group.