Faulty Towers: Hospitality sector under attack by highly professional threat actors

A new report reveals an industry under siege by highly competent adversaries leveraging a range of aggressive tactics and tools.

Hackers are increasingly deploying a wide variety of advanced tactics to breach the networks of hospitality vendors, causing business disruption and compromising guests, according to new research from cyber security firm Trustwave.

The activities of these cyber criminals effectively mirror industry best practice, but for illicit gain. They share knowledge across hacking forums and the dark web, coordinate their attacks, and take advantage of encrypted messaging platforms.

The hospitality industry is also uniquely vulnerable to this form of coordinated activity. It has twice the number of public-facing network devices and 15 per cent more critical vulnerabilities, alarming statistics that hackers can readily take advantage of.

“Cybercriminals now operate like businesses. They collaborate, specialise, and focus on return on investment. We have seen ransomware groups, like Akira and Conti affiliates, target Australian hospitality brands by exploiting third-party vendors and stolen credentials,” Craig Searle, director, consulting and professional services (Pacific) and global leader of cyber advisory at Trustwave, said in a statement.

“Recent incidents involving TFE Hotels and the Fullerton Hotel Sydney show how attackers can cause widespread disruption when systems lack visibility, monitoring, or real-time response.”

As hotels and other entities in the sector progress on their digital transformation journeys, attack surfaces expand, and the security environment becomes more fraught. But there is a small silver lining for Australian organisations.

“Compared to global trends, Australia’s regulatory framework emphasises stricter penalties for privacy violations and expanded oversight of third-party vendors, yet the sector remains a prime target for ransomware groups with hospitality environments creating ideal conditions for attackers,” Searle said.

“Hospitality teams focus on delivering quick, seamless guest experiences, which can lead to gaps in security awareness. Cyber-criminals exploit that mindset using fake booking messages, vendor impersonation, or urgent requests to get around defences.”

Once inside a network, threat actors can manipulate management systems, payment platforms, and communications with guests, which in turn can lead to further compromise and fraud. An entire shadow travel industry exists on the dark web built upon stolen credentials and compromised loyalty accounts.

However, it’s ransomware attacks that continue to grow as they represent a better return on investment.

“From an attacker’s perspective ransomware attacks continue to represent the best value-for-money strategy and so it is expected they will continue to grow in frequency over time,” Searle said.

“As artificial intelligence (AI) continues to evolve at a rapid rate the breadth of delivery channels, such as email, SMS, and social media, for the initial compromise attempt is expected to increase as well as the reliability and believability of that content when delivered.

“Ultimately, this will increase the likelihood of successful attacks against Australian hospitality businesses unless further investment is made in improving preventative capabilities such as managed detection and response, email protection, and employee awareness training.”

You can read full reports on the hospitality industry and its cyber vulnerabilities here.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
