While you're sailing the seven seas, blithely enjoying pina coladas and snapping pics with your camera phone in port, hackers could be stealing or viewing your passwords, email logins, bank accounts, documents, photos and more.
Traveling makes you vulnerable in many ways -- you're away from home, you don't know the customs of the land -- and in this modern age when you vacation with your phones, tablets and laptops, you're especially at risk. Most people don't think about keeping their data safe when they go on a cruise, but cruising and its associated travel offer many opportunities for criminals to take advantage of weak security and steal your data.
We got expert advice on how to keep your data safe when cruising. Follow these tips to protect your personal information.
1. Don't use public Wi-Fi networks or USB charging stations.
The airport, the cruise terminal, the beachfront bar -- they're all offering free Wi-Fi, and you'd rather check your email or post to Instagram there than pay for pricey ship Internet. Problem is those networks are often vulnerable to hackers -- or, in the case of some foreign establishments, set up for the purpose of mining data from unsuspecting tourists. Even the free USB port charging stations offered in airports can be tampered with so they steal the data of connected devices.
If you must use Wi-Fi in a public place, make sure you ask an employee for the correct network, login and password. (It's better to use password-protected networks.) Sometimes hackers set up networks with very similar names to trick people into logging onto their systems instead. If you need to charge your device, attach your USB cord to a regular outlet plug, and use that to charge up. You can also buy USB data blockers (known as "USB condoms") to protect your USB-connected device from a hacked public charging station.
Wondering how safe cruise ship Wi-Fi networks are? We asked Sanjay Singam, vice president of global operations and engineering at ITC Global, a company that provides satellite communications and connectivity solutions for cruise ships, who said he was quite pleased with the level of security he found on a recent Carnival cruise.
"When you compare the internet on a cruise to your home network, the difference is that you need a username and password to log in to the ship's system," he said. Some lines even offer two-factor authentication for extra security. That's safer than your home network, which is accessible to anyone who knows the password, and definitely safer than public Wi-Fi in cafes and in port."
Plus, cruise ships employ firewalls and other technology (provided by ITC Global and companies like it) that make their satellite communications systems much harder for hackers to crack. "The goal is to make the ship as small a target as possible," said Singam. A hacker would need expensive equipment and in-depth knowledge to hack a ship's system, making the payoff less worth the effort when easier targets are out there.
2. Use data.
Experts say it's safer to use your cell phone's 4G network than public Wi-Fi if you need to surf the web or send an email while abroad. Data plans at sea are extremely pricey, but it's not ridiculously expensive to get an overseas data plan for use in port. Some providers, like T-Mobile, have plans that offer unlimited free data abroad.
3. Clean and protect your device.
Take time to make your device travel-ready before you leave home. Make sure all your software and apps are up to date, including antivirus systems on your laptop. The latest patches often contain security updates, so you'll want your device to be as protected as possible against outside threats.
If possible, remove all (or much of) the sensitive or private data stored on your computer, tablet or phone. Move it to an external hard drive you leave at home or to password-protected cloud storage. It's not only hackers who might gain illegal access; border agents can demand to see your unlocked devices and deny you entry until you comply.
Make sure you use different passwords for all your password-protect accounts and websites; make changes before you set off on your cruise. Upon your return, consider changing all your passwords again, just in case.
Turn on two-factor identification for all accounts that offer it, whether that be your social media account or you online banking account. Also disable Bluetooth and Wi-Fi connections when you're not actively using them.
4. Be smart about which sites you access while traveling.
Your cruise vacation is not the time to be logging into your 401K and checking on your stocks or checking for results of your MRI. Be smart about which password-protected websites you access while traveling to avoid unknowingly providing that information to hackers. Try not to log into your bank account, unless you really need to check a fraud report. (However, Singam says that most banking sites use two-factor authentication and https security, so you needn't worry too much if you must log in from your ship.)
Download movies or music before you depart, rather than streaming; safety aside, many cruise lines don't allow streaming or charge more for the privilege. They also might block sites (such as porn sites) known for downloading malware onto your device when you access them.
If you can't get away with not checking email for a week, at least practice basic common sense when it comes to data protection, Singam said. Don't share credit card or Social Security information over email, and don't download attachments -- especially if you don't know who the email is from. Phishing scams, he warns, are becoming more sophisticated and can send you emails that look like they come from someone you know, like your boss. If you don't have the time to carefully read an email, don't respond to it until you're home and more focused.
5. Use a VPN.
A VPN service will protect your device if you choose to use public Wi-Fi. Anyone spying on your online activity will only see your connection to the VPN, not the individual websites you choose to access. While most people think about using VPNs for work, individuals can purchase subscriptions to VPN services (such as Express VPN) to secure their personal devices.
There are a few caveats to this approach that cruisers should know. Using a VPN can slow down your Wi-Fi, which could be a problem on top of already slow cruise ship connections. Plus, some cruise line Internet packages don't allow VPN use.
Also, many VPN services require monthly subscriptions; you can't just buy one for the length of your weeklong cruise. (However, if you travel in general, the investment could be a good one.) Finally, make sure that whatever service you contract offers strong privacy terms and does not keep a log of your VPN use and sites visited.
6. Bring a loaner laptop or burner phone.
This pricey approach is recommended for cruise destinations like China or Russia, where travelers are especially concerned about data theft or having their device stolen. Instead of bringing your personal laptop or phone, bring a loaner that does not contain any personal information on it at all. That way, if you lose it or it's hacked, you won't lose any sensitive information.
7. Use RFID protectors.
Your phone or tablet isn't the only travel essential that can leak information. Criminals with the right technology can also steal information from your passport and credit cards. Use RFID-blocking sleeves to protect your information from rogue sensors that can mine your data as you walk through a crowded cruise terminal or airport.