The Hotel Hijackers
January 17, 2020
After all these years we’ve been in cyber security, there is one thing we know for sure: a cyber-criminal’s main motivation is always money. That’s why the hackers use Trojans to get the confidential data: the always-multiplying, information-stealing bugs that infect our computers and devices. One example of this is CryptoLocker, a popular attack that uses ransomware to encrypt important information then forces the victim to pay a ransom to get it back. Over time, we’ve witnessed both the “classic” malware and the new attacks that are devised specifically for each victim, and how companies are dealing with these attacks. Most recently, these cyber-criminals have been going after hotel chains.
Why Hotels?
Hackers see hotels as juicy business. When a phisher considers a hotel, they are thinking of how they can “fish” from the millions of rooms, used by millions of customers, which generates millions of pounds. From booking a room to the payments made at shops and restaurants, hotel chains have complex networks that save enormous amounts of sensitive and private data, just waiting to be compromised. If you stayed at a hotel recently, you might want to double-check your credit card statements…
A Promised History
Most of the hotels, regardless of size, have been victims of cyber-crimes. Cyber-criminals also have their eyes set on companies that provide services for the hotels.
Some Examples…
White Lodging manages a number of well-known hotels like the Hilton, Marriott, Hyatt, Sheraton, and Westin hotels. Although they are more of a hotel management company than a hotel chain, they were still victims of a big cyber-attack. Customer credit card and debit card information was compromised from fourteen of their hotels. A while later, they suffered another attack, this time hitting ten hotels (some of them were also victims of the previous attack). The hackers came back for more: stealing data from credit cards like customer names, numbers, security codes, and expiration dates. This affected 24 hotels.
The luxurious Mandarin Oriental was attacked too. Malware infected POS (Point-of-Sale) terminals from some of the group’s hotels in Europe and America. The malware was specially designed and directed towards these type of machine systems, allowing them to steal credit card information.
One of the biggest cyber-attacks in hotel history. The Hyatt hotel chain confirmed that a press release resulted in infected point-of-sale terminals from 249 hotels of their hotels in 54 countries. Their POS terminals were infected, and all customer credit card information was stolen.
This is not a fantasy
There is real economic interest behind these attacks and curiosity about remaining unknown. The hotel sector has become one of the main targets for cyber-criminal gangs. Along with motivation, there is malware that is designed specifically to scrape important credit card information from the POS systems, making it clear that these hackers won’t be going away anytime soon. This alarming situation not only affects the sector economically, but it endangers their reputation, causes panic among their customers and destabilises the business.
We must be alert
Malware that infects point-of-sale terminals to steal credit card data, and targeted attacks against hotel systems to steal confidential data, are two examples of what can happen during a cyber-attack. These kinds of attacks have severe repercussions to a hotel’s finances and reputation. Hotels need to reinforce security on their network, devices and systems, and know how to choose the right protection system for their business. Not any protection system will work for this sector, because not all of them offer the same level of security, and not all of them can protect in any digital ecosystem or business environment.
The Solution
To protect against advanced threats and targeted attacks, we need to have a system that guarantees Data Confidentiality, Privacy of Information and Business Reputation, and Legacy.
JC Cyber Security’s Protection Plan offers first and only cyber security service that combines the most effective traditional anti-virus and the latest advanced protection with the capability of classifying all executed processes.
Packages on offer can detect malware and strange behaviours that other protection services cannot because it classifies all running and executed processes.
Thanks to that, it can ensure protection against known malware and advanced Zero-Day Threats, Advanced Persistent Threats and Direct Attacks.
We are able to oversee everything that takes place on the network: timeline of threats, flow of information, how the active processes behave, how the malware entered the system, where it is going, who intended to do what and how they got that information and more!
Protect your business and customers now, talk to us about The Protection Plan.
Follow Us
Be the first to know
You might also like
DevOps is a popular practice, especially among large organizations. However, while it comes with numerous benefits, it presents numerous risks as well. One notable challenge is the increased velocity of deployment, which often complicates how developers implement and ensure application security throughout the development and deployment process. DevOps is a popular practice, especially among large organizations. However, while it comes with numerous benefits, it presents numerous risks as well. One notable challenge is the increased velocity of deployment, which often complicates how developers implement and ensure application security throughout the development and deployment process. According to a recent survey, almost 80% of CIOs expressed concerns about the difficulty of discerning trusted elements from untrusted ones within DevOps environments. In particular, the pressure to deliver services at a faster pace sometimes prompts DevOps teams to take security shortcuts, resulting in potentially costly repercussions. These include data breaches, application downtime, and compliance violations. So, how can you strike a balance between the demand for agile DevOps practices and the need to maintain robust security measures?
Testing applications for security flaws during production is a vital process of the development lifecycle, and this is where Dynamic Application Security Testing (DAST) comes in. DAST is a security testing approach in application security (AppSec), in which testers assess an application in real-time, while it’s actively running. This process can be conducted even without testers knowing the application’s internal interactions or system-level designs. Applications fuel the engine of the world’s economy, but enterprises can encounter substantial hurdles when striving to retain a competitive advantage in a rapidly changing digital landscape. Businesses must continuously pursue inventive solutions, even as they contend with sophisticated adversaries looking to exploit opportunities to disrupt operations, compromise vital information, and inflict harm. According to recent research, approximately 17% of cyberattacks aim to exploit vulnerable web applications. Yet, 98% of web applications are susceptible to attacks that can lead to malware infection or redirect users to malicious websites. All the while, 72% of these vulnerabilities result from coding errors. Testing applications for security flaws during production is a vital process of the development lifecycle, and this is where Dynamic Application Security Testing (DAST) comes in. DAST is a security testing approach in application security (AppSec), in which testers assess an application in real-time, while it’s actively running. This process can be conducted even without testers knowing the application’s internal interactions or system-level designs. This is because DAST tools operate without access to the application’s source code. Instead, they emulate genuine attacks, akin to those carried out by real hackers, to identify security weaknesses. This “black box” testing method examines the application from an external perspective, scrutinises its runtime behaviour, and observes how it reacts to simulated attacks. These simulations help evaluate whether the application exhibits vulnerabilities and if it is potentially susceptible to malicious attacks.
In this blog post we look back at the origin of the term “hacking”, as well as how activities that might be described as hacking have existed throughout history, even prior to the advent of computer systems – and what if anything these can teach us today. Hacking is attacking and breaking into computer systems illegally… isn’t it? The meaning of the term “hacking” has in fact changed substantially over time, morphing from describing essentially benign (or at worst mildly disruptive) activities into its modern attribution to largely criminal and illegal activities. What’s more, in its original usage, “hacking” doesn’t necessarily even need to involve computer systems at all. In this blog post we look back at the origin of the term “hacking”, as well as how activities that might be described as hacking have existed throughout history, even prior to the advent of computer systems – and what if anything these can teach us today.