Each year, an ICT security conference is organized by the eSecurity Association with over 180 participants, mainly in the field of IT security. I came up with the idea to write a post about how to stay safe in a conference where a large number of hackers are present and where exposure to their attacks is increased. Below you can read practical instructions that you can apply when attending events such as DefCon or any similar conference.
Here are tips to stay safe:
– Initially, you should start with securing your mobile phone, which means that WiFi, Bluetooth, and NFC functionality will be turned off at the beginning. The only thing that wireless protocols could use as an exception is 4G, and only under certain conditions. The other thing is that it is mandatory to use the key to unlock the screen by no ordinary slider and set the auto-lock time to 30 seconds or less. Also, a complete phone, whether it is an Android or iPhone device, should be encrypted. Finally, it is important to note that you never give your phone to anyone as you do, and disconnect from it and leave it out of sight.
– Another thing to pay particular attention to is your laptop computer. As with the phone, the same thing applies here, that the laptop should never be left unattended, that the screen lock and password should be used for access, and that all data must be encrypted. This also applies to never leave your laptop in the room where you are staying while presenting. Also, never but ever insert a USB, SD Card, or similar device into your laptop.
– The third is internet access. The only internet that should be used in places like this is 4G, with limited access to sensitive information. Only access social networks and mail accounts if you have 2-factor authentication enabled, otherwise access should be avoided. Never go to the URLs someone tells you or sends you in a message. This also means that you never click on the 3d barcode and thus go to the site address.
Here are some other things to consider:
– One of the things that should be strictly taken care of is that you never plug your devices, such as your phone, tablet or laptop into anything. Also, make sure that you do not charge your devices on public USB chargers and that the laptop never hooks up to an Ethernet port anywhere. If it is necessary to recharge the device, be sure to carry an external battery with you.
– Never use an ATM or anything that uses a credit or debit card. Also, if your card has RFID and carries it with you, be sure to store it in special cases that block all kinds of radio communications.
– If you need to exchange text messages, be sure to use Signal.
– On all the devices you bring with you make sure that all applications are up-to-date, this applies to both iOS and Android OS as well as any installed applications.
I hope that in this post I was able to at least spark your imagination and alert you to what can happen when you attend such events. If you have read this you are now ready to prepare yourself well before you go to events like this and be as safe as you are when I was there when I wrote this post.