It seems no matter what we do nowadays, the use of electronics and digitization becomes incorporated to some degree. With the broadening use of these devices and gadgets comes the growing threat of breaches and cyberattacks that can seem to happen anywhere in any conceivable scenario. Even when we travel, the threats bestowed upon us by these scenarios are real and plentiful. This is especially the case for scientists and researchers. More often than not, scientists and researchers frequently travel with important or sensitive data digitally stored on their gadgets and electronic devices that hackers and other cybercriminals would love to get their hands on using their infiltrative methods.
A lot of scientists travel internationally, for example, where cybersecurity has become an increasing concern. Some regions of the world like East Europe are developing reputations for issues with hackers and border patrol officers in some nations insisting they see a device’s files. Fortunately, the options are quite plentiful for researchers to keep their digital data safe. Between overly tightened border security, opportunistic cybercriminals, or government-sponsored hacking operations, securing private digital data is comparable to asking a physician for advice on staying healthy—there’s general input you’ll receive, but the specifics will differ based on the nature of your scenario and surrounding environment.
Regardless of the perceived threats a traveling scientist might face, the first step in data protection is encryption—the process of making data unreadable by mathematically transforming the content with an electronic key. Most smartphones, for example, use whole-disk encryption by default, and the number of options for encrypting laptops are far broader. When dealing with highly sensitive data, these kinds of files should be encrypted individually, using a computer or laptop’s built-in file protection tool or free encryption software programs like Veracrypt, BitLocker, or 7-Zip.
Outside of the data their devices contain, researchers should also consider the actual physical security of their electronic devices, since laptops, cellphones, and other electronic gadgets are widely rendered as high-value items that are attractive targets for thieves. When preparing for this kind of scenario, it’s essential to make sure your data stored on these devices isn’t irreplaceable. A practical solution could be a tracking app, which is capable of remotely wiping a lost laptop or phone, thus ensuring data isn’t compromised in the event of such hardware being stolen.
When traveling, it’s wise for scientists and researchers to avoid carrying digital data on their person entirely. Any sensitive or important information can be digitally stored in cloud services like Dropbox or Google Drive, and later accessed from another location. While these services are encrypted and generally secure, extra steps should be taken by traveling researchers by encrypting their files before uploading them to these cloud services in case these servers are hacked, or their account passwords are compromised. Since these servers are often set up to provide instant access, international travelers would be wise to remove mobile app versions of these services from their devices, and clear their browsing histories before traveling. Virtual plane networks (VPNs) are also a viable tool traveling scientists can use to establish secure network communications over otherwise insecure Internet connections. While VPNs are fairly easy to use, they can get more complex in countries where governments exert tight control over their Internet (like China).
In the past year, the number of electronic devices searched that are entering the United States has increased dramatically. Over 24,000 devices were searched in 2016, nearly tripling the 8500 devices that were evaluated in 2015. Researchers aren’t exempt from this policy change, as shown a few months ago when a NASA scientist was detained at the US border, and had to surrender his NASA-issued cellphone and PIN. The data on his devices was copied, and NASA had to run a series of tests to determine if anything was installed or removed.
It’s worth mentioning how tempted travelers might be to try hiding information using tricks like “duress passwords,” which (instead of genuine passwords) unlock a device but keep a portion of its data encrypted and hidden. These approaches can ultimately blow up in someone’s face, since it’s essentially a crime if you’re caught lying to government agents. Border patrol officers might not always recognize a scientist’s obligation to protect their confidential data, and scientists might not necessarily be aware of these legal aspects that apply to these scenarios. Despite the confusion that could arise, it’s a border agent’s job to prevent dangerous individuals or materials from entering the country. Something seemingly minute as coming across encryptions that turn out to be highly sensitive intel a scientist is supposed to protect could quickly escalate into an inconvenient and unavoidable dispute.
Filed Under: Cybersecurity, M2M (machine to machine)