Business Travelers: Don’t drop your cyber guard in Russia or China and Iran
Your host kindly greets you the minute you arrive at your hotel, casually directing the bellhop to take your bags to your room”including the one containing your laptop that is mysteriously delayed on its way to your floor.
He generously puts his luxury sedan at your disposal, with a driver whose English language skills appear to be limited so that you feel free to discuss your negotiating stance for an upcoming meeting in his presence.
Your smartphone runs out of juice, but fortunately your hotel and the local airport are conveniently equipped with charging stations. Unfortunately, the devices exchange a little bit of electricity for all of your data.
When FBI Special Agent James Corbett, a counterintelligence specialist, spoke to members of the New EnglandCanada Business Council NECBC, he told the group of business and financial executives that foreign governments and businesses will stop at nothing to get a competitive edge. He regularly warns Americans who travel internationally on business that seemingly innocent gestures should raise a red flag.
Agent Corbett put it this way: “In many countries respect for and an expectation of privacy is simply a foreign notion. Cleverness is respected far more than fair play,” which includes enticing executives into compromising positions.
Check out the FBI’s Cyber Security Travel Tips.
Jubin Pejman, managing director of FCM360, an internet service provider specializing in financial transactions and cybersecurity counter measures concurs. “Tablets, laptops and smart phones are so convenient and powerful that it’s easy to become complacent when it comes to securing the vast amounts of data they store—especially overseas where corporate and government spies will go to extremes to gather any information they can to gain an advantage.”
Foreign governments will piece together information from several travelers from the same company or government agency to create a composite picture that will provide competitors with your intellectual property, customer lists, passwords and more. “The bad actors are no surprise with Russia, China and Iran heading the list.” Says Pejman an Iranian native who left the country when the Shah was deposed in 1979.
To combat corporate espionage, “Sanitize all your devices before you go. Erase the memory, leaving only the operating systems and bare-bones applications. If this is too inconvenient buy a spare smart phone for foreign travel. While overseas, keep all contact information, notes, plans and documents that you need on a thumb drive and keep it in your possession at all times throughout your trip.
Do not rely on the guestroom safe for security,” says Agent Corbett, adding “When you return, have your company’s Information Security Officer examine your devices for suspicious access and spyware installations.”
Agent Corbett warns business executives to suspect any delay—when government customs officers see a potentially high-value target they often coordinate an eavesdropping effort with covert agents at local hotels before they let you pass.
In addition to electronic surveillance and cyber theft, one can also encounter old-fashioned tradecraft when overseas. Agent Corbett confirms that there is plenty of truth to the dramatic FX TV series, The Americans in which actors Keri Russell and Mathew Rhys portray KGB agents masquerading as The Jennings, a typical American family next door. Agent Corbett emphasizes, “Beware of friendly strangers and compromising situations.”
FBI Special Agent Corbett's Cyber Safety Rules for Business Travel in Russia
Before you go, sanitize all electronic devices leaving only the operating system and basic applications in memory.
Keep all personal and company data on a thumb drive and keep it in your pocket.
Beware of undue delay when entering the country and when arriving at your hotel. Missing bags or your room not being ready are tip-offs that spies are at work.
Keep rechargeable power sources on hand. When you need to charge your phone, or tablet, charge up the power source first and then charge your device from the battery pack. Charge cords plugged directly into electric wall outlets are safe.
Do not use your host’s company computer to log into you’re your corporate offices back in the US; it’s an invitation to install spyware.
Cyber spies can turn on the mic in your smartphone remotely. Keep smartphones turned off when not in use and do not discuss confidential information via phone.
Clear your Internet browser after each session, deleting history, caches, cookies and temporary Internet files.
Discard thumb drives given out as advertising premiums at trade shows as they often contain malware that can automatically copy your data and transmit it the next time you log onto your company system.
Be aware that the expectation of privacy is not the same overseas as it is in the US. Expect cabdrivers, waiters, customs officials and others to relay anything you talk about to your hosts or their government.
Clean out voice mail immediately, as passcodes can become compromised when retrieving messages.
Change your passwords as soon as you return home.