Cyber Threats: Just Some of the Time?

I recently read a WSJ report, about cyber security in light of the Olympics.  For some traveling to Beijing for the games, as spectators or those seeking business opportunities, they may take with them laptops, smartphones, or digital storage media.  Pay attention.

WSJ reported that a debate had taken place whether to warn the public of the danger posed by Chinese hackers.  Let me put the debate to rest.  I'll do it here and now.  Okay, it's public.  But shouldn't cyber security be a year round threat and not just during the Olympics in China?

And it's not just Chinese hackers we need to be wary of.  How about being wary of hackers in general?  Despite the paralysis suffered by the US government on this issue, the Department of Homeland Security has issued warnings of cyber threats against mobile workers who travel overseas.  Because the threat was not specific, this alert was not made public.  


The WSJ article came out before it was made public of the IOC's deal with the organizers of the Beijing Games to allow the Chinese government to implement Internet censorship it deemed not related to the Olympics, cutting off thousands of journalists off at the knees.  

Somtimes bloggers to reprint materials from other sources, I have reservations about copyright ownership.  So I will offer links to pertinent information instead of posting the relevant information here.  I apologize for the inconvience :)

I've included the Homeland Security assessment here.  I hope WSJ will make this perpetually available to the general public.  It is a 3-page PDF file that described key finds as follows:  foreign powers targeting Americans traveling abroad with the goal of fathering "economic, military and political information".  Essentially, viruses, trojan horses, or exploitations of any security holes will be pursued to that end.  Even trickery.  

I think the report is right in not mention any specific foreign state or body that poses as a threat.  This is not just a matter of the Olympics because cyber security threats exist all year around all over the world.  Here are the highlights of the report:
  • Travelers are to assume that they will be unable to protect their data that they may transmit over the Internet.
  • Expect no privacy.  You're always a potential target.
  • Expect all transmission to be intercepted.  
  • Expect viruses, malware, and spyware to be installed at all ports of electronic access - cafes, hotels, etc.  And expect all portal media to be infected if they were connected to to these access points.  
  • Assume foreign authorities may find an excuse for inspections of laptops or portal media for the sole purpose of copying information.  
I stated those main points to highlight what a mobile worker could be up against.  The later part of the report, "protective measures", offer tips on what to do to avoid being a victim of information theft.  The gist of the report recommendation is this:  use common sense.  
  • If you don't have to bring your laptop overseas, leave it at home. 
  • Assume your portal media is infected with malicious software.  Plug it into your network back home can make things worse.
  • Use the best encryption available to you to protect your data.  
While I generally believe in our government's ability to provide for the common defense and against terrorism, I believe it our duty to be pro-active in matters where it's within our control.  I hope the information and guidelines help you protect your data whether you're a mobile warrior in the private or public sector.


The US Cyber Consequences Unit also offered a similar guideline to protect your data.  They help you assess whether you are a potential target of cyber theft, how to do a presentation without a laptop, and how best to secure your portable devices.  Also for your consideration:


I understand the sensitive geopolitical nature of making such an announcement so close to the Games.  I'll leave the politics to the politicians.  Luckily for the rest of us, we don't have to worry about that.  

No comments: