This was originally written in early 2017 for a friend of mine who asked for advice about how to avoid being hacked when traveling abroad. It mirrors much of the DHS Travel Safety advice, but is meant to be a little more practical. I’m re-posting it here for the benefit of others. Note that this checklist applies to pretty much any hostile cyber environment – but was written with China in mind.

If you have reason to think that you’ll be targeted – particularly if you have access to data valuable to the country you’ll be traveling to – seriously – don’t take your PC into the country. Set up a burner device and use it only in combination with a VPN service. Otherwise… proceed with caution:

Pre-Flight

  • Set a lock and PIN on your phone.
  • Turn on your phone’s auto-lock.
  • Add a privacy screen to each device.
  • Ensure you’ve configured full-disk encryption on the device.
  • Configure two-factor authentication whenever possible.
  • Configure Android or Apple’s Device Finder so you can remote wipe.
  • Ensure you are running the latest software versions.
  • Sign up for DHS’s Travel Alerts.
  • Completely power down the device before you arrive at your destination. Attackers can easily siphon data off a PC that is only locked, not powered off.

After Arriving

  • Keep devices close to you and within sight at all times.
  • Do NOT let authorities take the device from you during entrance / exit.
  • Do NOT leave systems in your hotel room.
  • Do NOT plug any media – USB stick, SD card, etc. – into the system.
  • Do NOT use the internet without a secure VPN connection. Many VPN services won’t work, but ExpressVPN seems the safest and most likely to work in China.
  • Turn off Wi-Fi and avoid any public / hotel / café Wi-Fi connections unless you are automatically connecting to a VPN at time of login.
  • Avoid logging into any account on any shared computer.
  • Assume all HTTP/S traffic outside of a VPN will be inspected and is thus compromised.
  • Keep Bluetooth off – I’m not aware of any exploitable vulnerabilities in Bluetooth, but no sense in exposing the attack surface if it’s not needed.

Upon Return 

  • Wipe the burner machine and re-image.
  • Rotate any used passwords upon return. Use something like 1Password or LastPass to make this easy.
  • If any services share the password you used while abroad, assume it’s compromised.

Each person’s situation is unique and this advice is specifically designed for the business-person headed to China, but if you follow this advice, you’ll be a difficult target.
