Cybercriminals are increasingly targeting the travel and
\nhospitality industry during peak seasons, exploiting the surge in online
\nactivity to launch attacks. A recent report by Cequence revealed that all top
\n10 travel and hospitality websites have significant vulnerabilities, putting
\nmillions of travellers at risk during high-traffic periods like Labour Day.<\/p>\n
Cequence\u2019s research, conducted using their API Spyder tool,
\nuncovered serious flaws in these websites’ public-facing assets and cloud
\ninfrastructure. Alarmingly, 91% of the most severe vulnerabilities were found
\nin just four companies. These include weaknesses that allow man-in-the-middle
\n(MITM) attacks, where cybercriminals can intercept and manipulate user
\ncommunications.<\/p>\n
Adding to the concern, 8 out of 10 companies had publicly
\naccessible non-production or internal application servers\u2014often overlooked and
\nunmonitored, making them easy targets for attackers. One company was discovered
\nto have over 300 such exposed servers.<\/p>\n
The issue of ‘cloud sprawl’\u2014the uncontrolled expansion of
\ncloud services\u2014also emerged as a significant risk factor. Driven by factors
\nlike acquisitions and siloed departments, this sprawl increases the number of
\npublic-facing cloud instances, broadening the attack surface. The analyzed
\nsites were using between 5 and 21 different hosting providers, complicating
\nsecurity management.<\/p>\n
Vercara, now part of Digitcert, provided supporting data
\nshowing that cyberattacks, including Distributed Denial-of-Service (DDoS)
\nattacks, spike during peak vacation times. November 2023 saw the highest number
\nof DDoS attacks against the travel industry for the entire year.<\/p>\n
William Glazier, Director of Threat Research at Cequence,
\nwarned, \u201cTravellers are at risk during peak vacation times, with cybercriminals
\nseizing the opportunity to strike.\u201d The consequences include financial loss,
\nidentity theft, disrupted travel, and significant reputational damage for
\nbusinesses.<\/p>\n","protected":false},"excerpt":{"rendered":"
Cybercriminals are increasingly targeting the travel and hospitality industry during peak seasons, exploiting the surge in online activity to launch attacks. A recent report by Cequence revealed that all top […]<\/p>\n","protected":false},"author":1,"featured_media":298,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[],"tags":[],"class_list":["post-299","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/posts\/299","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/comments?post=299"}],"version-history":[{"count":0,"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/posts\/299\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/media\/298"}],"wp:attachment":[{"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/media?parent=299"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/categories?post=299"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qld.cybersafebusiness.au\/index.php\/wp-json\/wp\/v2\/tags?post=299"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}