Govind Rammurthy, managing director & CEO, eScan says that hotels are increasingly becoming targets of malicious attacks by cyber-criminals.
Restaurants have long been of interest to hackers in search of making a quick buck, however, in the last year we have noticed that hackers are showing an increasing interest in the hospitality industry. Figures show that hotels and resorts account for at
least 40% of the breaches, which can include anything from intellectual property theft to loss of financial data. This new shift in focus to the hospitality industry shows a more targeted approach rather than just focusing on opportunistic and random attacks.
Take Marriot International Inc for example, the hotel incurred a total loss of $1 million in salaries and other expenses due to a breach by cyber-criminals. The root cause for the data leak was the installation of two remotely controlled Trojans, which allowed access to other connected systems within the network. Both Trojans were remotely installed after getting a handful of Marriot employees to click on infected email attachments.
Restaurants and related businesses remain popular targets with the food and beverage industry, accounting for 15% of data breaches. A method most commonly used in hotel/resort data breaches is the use of remote-access application attacks. Such attacks exploit web channels created by internal or external IT staffs/specialists. Such systems are lightly defended from external attacks and come with either no password or feature common/easy to guess passwords. Other frequently used attack methods include SQL injection, MITM (Man-in-the-Middle) based attacks.
Threats not only damage files and computers by acting as viral agents, but also impose productivity losses, wasting disk space, time and financial resources. Ironically, even as certain methods to guard content security have evolved, threats to security have become more severe, even causing destruction of data. However, the systems employed to detect these threats are still handicapped by several deficiencies. The ‘cure’ that is provided by some products only scans data after it is saved on the hard disk; by which time the damage is already done.
The ‘MicroWorld-WinSock Layer’ (MWL) is a revolutionary concept in scanning internet traffic
on a real-time basis. This new concept has changed the manner in which content security threats are tackled.
Some of the hospitality groups currently protected by eScan in UAE are Capitol Hotel group, Broadway Hotel, Dusit Residence Dubai Marina, Grandeur Hotel, Majestic Hotel, Arabian Courtyard Hotel and Spa.