Last updated: 05:00 AM ET, Thu August 20 2015

Travel: The Next Big Target for Hackers?

Features & Advice | Tom Bastek | August 20, 2015

Travel: The Next Big Target for Hackers?

Photo courtesy of Thinkstock

The words “Travel Hacker” have gained a lot of popularity in the last couple of years as “hacks” have become synonymous with saving money, time and hassles.  But there is an all-too-real threat to traveling in which hackers – the deviant kind – are doing things like grounding planes.  Just recently, hackers got into the Sabre System and gained access to who knows what. 

What we do know is that Sabre booked 208 million trips last year and that is a lot of data to have access to.  So, looking ahead to the very near future, where are the hackers most likely to attack next?  More importantly, what can we do as individual travelers to help safeguard our information? 

TravelPulse reached out to Josh Corman, the cofounder of I Am the Cavalry, a security industry organization devoted to protecting future Internet-of-things targets like automobiles and medical devices, to help us sort through the fact vs. fiction of hackers and their targets as well as to get some advice for the next time you travel.

It isn’t so much where, but why

While the image of hackers taking over airport systems, car reservation inventories and hotel computer systems may alarm the average traveler, Corman told us there is little worry for these types of hacks as they aren’t really significant in the grand scheme of things.

He told us that where you have to place your worry is in things that reflect safety, privacy and perhaps most surprising, marketing. Even respectable companies might wind up unwittingly utilizing hacked data, sold through a third party to advance their marketing campaigns. How many companies would want to have access to the data about when you buy a cup of coffee every day, so that ten minutes before you do, you get a coupon sent to your phone for a discount at the coffee shop across the street? 

The same thing holds true for the Sabre reservation system that was recently hacked.  Sure, there is the worry of compromised credit card or other payment data.  But what about the other data?

“Humans are incredibly predictable,” Corman says. “That Sabre information could be used to figure out when you are most likely to travel and for how long.”  If you are a nobody with little income, you are probably not a target, but if you are upper management in a public company, that makes you not only a little more visible, but also a little more vulnerable. 

That's not to say that hackers taking over airport systems isn't a very real threat. Believe it or not, hacking security scanners may already be a thing, and a scary one at that. Placing fake items in people’s bags could lead to unnecessary hassles, but placing fake neutral items over potential hazardous materials could be a national security threat. Grounding planes or hacking into air traffic control has potential to do real damage.

What we can do on a personal level

When it comes to being personally hacked, are there precautions we can take?  The short answer is yes.  Knowing when you are vulnerable is paramount.  Overseas travelers are more susceptible.  “During the Russian Olympics, a lot of people had their phones compromised and never knew it,” Corman explained. “I tell everyone who goes to China to invest in a burner phone and there are many places you never want take your personal laptop.  Get a netbook for a couple of hundred dollars.” 

He went on to say there are many people who lose their technology items at border patrols either permanently or just long enough for the people at the border to incur some hack on the device. “If you are just back from abroad, were in a hostile country, and brought your personal phone with you, I suggest you drop it in a bucket of water.”

He also recommends using credit cards vs. debit cards.  “Your credit cards are guaranteed by the credit card company. Most debit cards don’t carry the same guarantee if compromised.”

The real problem

“Our dependence on computer technology is increasing faster than our ability to safeguard ourselves,” Corman says. “We need to ensure technologies with the potential to impact public safety and human life are worthy of our trust.” Corman is witnessing firsthand how companies are not taking security seriously enough and that is the precise reason why he co-founded I am the Cavalry.  

One of the most public examples of a security lapse was exposed recently when Wired magazine published an article about hacking a Jeep and literally bringing it to a stop in the middle of the highway. Sure, there was a lot of fanfare about this, and Jeep responded, but it wasn't enough. Jeep had to recall 1.4 million vehicles to give them a USB plug-in to defend against the hack. 

Tesla, Mercedes and BMW are currently pushing out security updates over-the-air. Ford has announced it is coming soon. Corman is currently lobbying for not only easier and faster security updates to existing technology, but better planning before the systems are even installed. 

The most important point that Josh wants people to take away is that it is up to us, the American public, to solve these problems.  “If people aren’t asking questions and challenging companies’ security competency by holding them accountable, changes will not get made until it is too late.” 


You may use your Facebook account to add a comment, subject to Facebook's Terms of Service and Privacy Policy. Your Facebook information, including your name, photo & any other personal data you make public on Facebook will appear with your comment, and may be used on Click here to learn more.