Protecting High-Profile Travelers: Mobile Device Security

High-profile positions, such as those in politics or senior management, often require frequent travel for work. These roles typically involve using mobile devices to access sensitive data while on the move. Unfortunately, mobile devices can be targeted by threat actors, including foreign intelligence services, criminal groups, or competitors. If compromised, these devices can lead to unauthorized access to an organization’s network and critical data. Therefore, it is crucial to assess the risks of using mobile devices in certain locations before embarking on business travel.

Threats to Mobile Devices and Information

Threat actors employ various techniques to gain access to devices and sensitive information. Common attack methods include:

  • Shoulder Surfing: Physically viewing and stealing sensitive information.

  • Phishing: Sending fraudulent emails or texts with malicious files, links, or requests for personal information.

  • Spear-Phishing: Targeting specific individuals with tailored, convincing messages.

  • Whaling: Targeting high-profile individuals like CEOs for their access to sensitive information.

  • Network Spoofing: Masquerading as a legitimate network.

  • Signal Jamming: Disrupting or blocking communication signals.

  • Adversary-in-the-Middle (AitM) Attacks: Intercepting and potentially manipulating communications.

  • Ransomware: Encrypting files or locking systems until a ransom is paid.

Travel Devices

Organizations should identify and assess the risks for high-profile travelers and determine their level of tolerance. If the risk is significant, issuing travel devices with limited functionality and data storage can be a mitigation measure. If travel devices are not available, ensure that travelers use corporately owned devices with appropriate security controls installed. High-profile travelers should also complete awareness training to further mitigate risks.

Organizations should advise against using personal devices for business purposes during travel.

High-Risk Travel

Travel is considered high risk if a traveler’s identity or occupation is well-known or high-profile, especially when traveling to widely known events or high-risk destinations. Organizations should consider all potential risks introduced by international travel and implement measures to mitigate those risks. If unsure about the risk level, travelers should contact their IT security department.

Guide for High-Profile Business Travelers

Before Your Trip:

  • Contact your IT security department for additional security measures or a temporary travel device.

  • Enforce multi-factor authentication (MFA) for device and account access.

  • Install anti-virus, spyware protection, and a firewall.

  • Configure devices to run anti-virus software on storage devices upon installation.

  • Run updates and install patches for operating systems and applications.

  • Back up devices for possible recovery.

  • Remove unnecessary data and applications.

  • Install a VPN application for secure data transfer.

  • Encrypt all sensitive information on your mobile device.

  • Limit administrative privileges to secure software settings and restrict downloadable applications.

  • Turn off Bluetooth, Wi-Fi, hotspot, and location sharing when not in use.

During Your Trip:

  • Encrypt sensitive information.

  • Avoid using personal accounts; if necessary, secure them with MFA and inform IT.

  • Assume communications over public servers can be intercepted.

  • Use your organization’s network and VPN for sensitive information.

  • Be wary of devices and peripherals from outside your organization.

  • Keep devices in your possession and be aware of your surroundings.

  • Ensure devices are locked when not in use.

  • Maintain control of chargers, cables, and peripherals.

  • Do not store or communicate information above the approved classification of the device.

  • Turn off devices before going through customs and security.

  • Inform IT if your device is inspected by security.

  • Communicate security concerns with your IT security department.

After Your Trip:

  • Use anti-virus software to scan devices for malicious activity before connecting to home and work networks.

  • Change passphrases, passwords, or PINs on devices and accounts accessed while traveling.

  • Report suspected security concerns to your IT security department for further investigation and mitigation.

If you notice suspicious activity on your device during or after travel, follow these security measures:

  • Disconnect your device from the Internet and other devices.

  • Use another device to contact your service provider and IT team to begin incident management processes.

  • Keep the device disconnected for the rest of your trip.

  • Examine the device in your organization’s secure environment upon return.

  • Eliminate the threat from the device and use the latest secure backup to restore it.

  • Replace the device’s SIM card.
