The hospitality industry is experiencing an increasing stream of attacks by professional criminals using the latest cutting-edge technologies to infiltrate systems that were not set up to combat such intruders.
A report by cyber security firm Trustwave focuses on the industry being “under siege” from skilled and persistent hackers, who employ advanced strategies to penetrate networks and systems, typically causing disruption or threatening blackmail.
The cyber criminals are effectively performing ‘best practice’ in tech security, using aggressive tactics and the latest tools, except that the goal is nefarious.
Common practices include coordination by multiple specialist players using encrypted messaging platforms, and the sharing of knowledge on the dark web and forums dedicated to hacking.
There is even a ‘shadow travel industry’ on the dark web that trades in stolen personal and loyalty account information.
“Cyber criminals now operate like businesses,” says Craig Searle, director of Trustwave, which provides technology consulting and a range of professional services.
Hospitality is said to be particularly vulnerable to these kinds of co-ordinated attacks due to its high number of networks available to the public and the frequency of critical vulnerabilities, with systems often lacking visibility or monitoring, or not equipped with real-time response protocols.
The opportunities increase as hotel businesses increase their reliance on digital processes, leaving them even more vulnerable.
“Hospitality teams focus on delivering quick, seamless guest experiences, which can lead to gaps in security awareness,” continued Searle.
“Cyber criminals exploit that mindset using fake booking messages, vendor impersonation or urgent requests to get around defences.”
These methodologies have seen ransomware groups such as Akira and Conti exploit third-party vendors and stolen credentials to target Australian hospitality businesses, as happened at TFE Hotels and Sydney’s Fullerton Hotel.
Once bad actors have penetrated a network, they can potentially affect key infrastructure, such as management and payment systems, or even guest communications.
Some good news is that the Australian government takes these issues very seriously and our regulatory framework is robust by global standards, meting out stricter penalties for privacy violations and applying greater oversight to third-party vendors.
But the predominant threat is increasingly ransomware attacks, which continue to grow because they represent a better ‘return on investment’ strategy for hackers.
This and other threats are being bolstered by the advent of artificial intelligence, destined to deliver greater and more convincing approaches through a broader variety of channels, encompassing email, SMS, and social media.
“Ultimately, this will increase the likelihood of successful attacks against Australian hospitality businesses unless further investment is made in improving preventative capabilities such as managed detection and response, email protection and employee awareness training,” says Searle.
