You might have heard, the security protocol used to protect the vast majority of WiFi connections has been cracked, potentially exposing wireless Internet traffic to malicious eavesdroppers and attacks. Peru is far from a dark, disconnected corner when it comes to Internet access.
So now more than ever, with the convenience of widespread WiFi and cell service comes increased risk that cyber-criminals will try to steal your personal information.
Researchers revealed the new exploit called KRACK takes advantage of vulnerabilities in standard WPA2 Wi-Fi security. WPA1 is also affected and KRACK renders the even more antiquated WEP security completely worthless.
Wired magazine recommends that everyone “install updates for as many of your devices as possible as soon as they come out, and make sure you only share sensitive data on sites that use HTTPS encryption.” HTTPS stands for HyperText Transfer Protocol, with an S appended for “Secure.”
Fertur Peru Travel recently upgraded its Web sites and internal platform to HTTPS, which protects our web traffic using an encryption protocol called SSL or TLS.
Almost all the hotels in Peru’s major tourist destinations, like Lima, Arequipa and Cusco, offer WiFi, most for free as a courtesy service for guests. Even some of Peru’s remotest destinations, be they jungle outposts or Andean Inca ruins, have hotspots providing a few precious bars of Wi-Fi.
It’s not uncommon now to see visitors at Machu Picchu pull out their cell phones to call home or instantly upload a keepsake photograph to their Instagram or Facebook.
But here’s the reality.
Peru ranks seventh among the countries most affected by cyber crime in South America, registering losses projected to reach $4.8 billion by the end of 2017, business daily Gestión reported in August.
With that in mind, here’s some advice on how to keep your web activity as safe and secure as possible during your travels in South American in general and Peru in particular.
- Run operating system security updates at home before embarking on your trip. Plugging that security hole with a simple click at home will keep you much safer from cyber criminals during your vacation. Clicking on a security patch that pops up your screen in the hotel room should be cautiously scrutinized.
- Clear the cache on your laptop and back it up before leaving home and clear all passwords you might have saved on your browser.
- Travel with a strong antivirus software installed on your laptop, like Kaspersky Total Security, which not only provides real time filtering to detect malware, but also offers strong protection against key logging.
- An encrypted password manager program is also highly recommended, like Kaspersky’s, LastPass, KeePass, RoboForm, etc.
- Enable two-factor authentication on your laptop and hand-held devices for web services you believe you just can’t do without (Google/Gmail, Facebook, Instagram, etc.). That way if an intruder does manage to get your password, the service sends a second code, usually via SMS, as an added layer of security to ensure it’s really you.
- Use HTTPS (a secured Hyper Text Transfer Protocol Secure) connection whenever possible online to encrypt the data between your browser and the website that you are connected to.For just this purpose, The Tor Project and the Electronic Frontier Foundation developed an extension for Chrome, Firefox and Opera called HTTPS Everywhere, encrypts communications with many major websites.
- Consider using a virtual private network (VPN) service to further encrypt your connection and help block digital eavesdroppers and snoopers. The paid VPN services are better than the free ones, which tend to provide limited bandwidth that can slow you down, but choose your provider carefully.
- Most hotels in Peru will generally employ a modicum of security sense when it comes to setting up their Wi-Fi networks, but even, so they could do a much better job setting strong access passwords and changing them with more frequency. If the receptionist tells you that the password is some iconic Inca name or word, like “Pachacuti,” “Chasqui” or “Intihuatana,” that should set off alarm bells to employ even more vigilance.
- Avoid online financial transactions as much as possible. Try to limit your Internet use to nonsensitive activities. Using some or all the above mentioned precautions, post updates to your Facebook, browse news sites and communicate via email with your loved ones back home. But be careful not to reveal too much personal information about yourself, nor a steady stream of news about your specific whereabouts or your itinerary.
- Do a full update of your anti-virus database as soon as you get home and run a full scan.