DarkHotel: Dangers in the Dark
Kaspersky Labs recently announced a new advanced persistent threat (APT) known as DarkHotel. As the name implies, this APT is specifically targeting executives and government personnel utilizing the WiFi provided at high-end hotels. The guest is prompted to update software in order to use the WiFi, and, instead of an update, a sophisticated time-delayed malware program downloads.
What makes this APT unique is that it remains dormant for an extended period of time. In fact, Kaspersky classifies DarkHotel as a seven-year-old cyber espionage campaign against C-level executives from various nations as they travel in the Asia-Pacific region.
There are a few ways you can protect yourself from these attacks. For instance, use cellular data instead of WiFi; use a locked down device like an iPad; or use a disposable laptop for travel that gets completely wiped upon return, and only use it to access temporary email to avoid inadvertently providing access to sensitive information or documents.
While DarkHotel occurs before gaining providing Internet access, using a VPN should become second nature since it provides protection against a very large fraction of WiFi based attacks.