There are two common security problems at conferences, and in public in general, that you can protect yourself from with some basic security measures. Conference security is becoming increasingly important as more people not only attend these conferences, but also work remotely in general.
I’m going to look at two conference security issues which you may encounter the next time you’re looking to log onto a public wifi that has been provided, or use a public computer room that is set up for your use.
Conference cybersecurity: Keyloggers
Keyloggers are set up on public use computers at cafes, conferences, and other public computer locations. These malicious pieces of hardware and software log key strokes which are then used to retrieve password, credit card numbers and bank account details.
They’re not hard to find, or expensive either. They’re even advertised on Twitter as they have some legitimate uses:
To protect yourself against keylogging, there are two things you can do. First is the one which will now be obvious, check for keylogger hardware on the back of the computer. If you’re expecting to find something that blatantly looks wrong, or like a piece of hacked together hardware, you’d be wrong. Here’s a picture of a nefarious keylogger from an untrustworthy source…
…Amazon. These things are not hard to find!
They will be attached to the back of the computer between the keyboard and the usual place where the keyboard plugs in. If you see it you can risk unplugging it and hoping that the software is still able to capture data.
That’s the easy way, but we don’t always get the easy option. Many keylogging activities are carried out within the computer software so there’s no way of seeing the device. How you can get around this is by bringing along a USB stick that has both anti-keylogging software installed, and the apps that you want to use. Buy a big stick, you can get 32GB pretty easily, if you have multiple apps that you want to run.
Almost felt bad at missing a local security conference because it's a weekend, then heard the cell service was hacked. Better off at home.
— Rob Nelson (@rnelson0) June 11, 2016
Conference cybersecurity: Man in the middle attacks
A man in the middle attack is when a hacker sets up a nice looking free Internet connection. At a conference this can be a major issue as you can be surrounded many free wifi connections. The conference could have one, the hotel in the conference center could have one, the local coffee shop could have one, and any number of exhibitors could have one.
Coming across on which is ‘free’ isn’t uncommon. Many people want you to win your favor at conferences, and some free wifi is a good way to go. Hackers are aware of this and they offer their own free wifi – except it isn’t free at all!
When you connect to a hackers free wifi, violating the worst of conference cybersecurity measures, they can then intercept any and all information you are sending or receiving over the connection. Every bit of company data could be in someone else’s virtual hands.
You can your own conference cybersecurity against man in the middle attacks at a conference, or anywhere public, by using a well rated VPN service. A VPN service will be able to encrypt your data before it gets to the ‘man in the middle,’ and make it impossible for even the most sleuthy of hackers to steal your information.
At the #pbevent blogging conference AND my account got hacked. Grrrrr!!
— Tine (@fortheloveofme) August 13, 2015