According to researchers at Akamai Technologies, the number of cyber attacks in the form of botnets targeting the hospitality industry continues to grow. In their recent report titled Summer 2018 State of the Internet / Security: Web Attack, researchers have emphasised the importance of maintaining agility, which they suggest should be taken seriously by not only security experts but also developers, service provider and network operators. The report further reveals hospitality industry is more receptive to credentials abuse caused by botnets than any other sector, which raises concerns over the security of many such online businesses.
Figures analysed by Akamai researchers are worrisome at best. According to data gathered between November 2017 and April 2018, close to 112 billion bot requests were analysed. Additionally, 3.9 billion malicious login attempts were recorded targeting websites in hospitality industry like airlines, cruise lines, hotels and more. What is even more shocking is that close to 40 per cent of the traffic observed across hotel and travel sites is termed “impersonators of known browsers”. These impersonator bots primarily bypass security challenges and cause financial loss or website downtime, further putting the company’s reputation at stake.
Majority of the credential abuse attacks on the travel industry was originated in Russia, China and Indonesia, impacting hotels, cruise lines, airlines, and travel sites. The amount of attack traffic originated in Russia and China combined was three times the amount of attack traffic originated in the U.S during the stipulated period. Akamai’s Martin McKeay says, “These countries have historically been large centers for cyberattacks, but the attractiveness of the hospitality industry appears to have made it a significant target for hackers to carry out bot-driven fraud.”
Advanced attacks are on the rise
DDoS (Distributed Denial of Service) attack is one of the most common techniques employed by hackers and perpetrators when targeting a website or mobile app by increasing server load. But researchers say other intelligent and tactical methods have also started to evolve. One such attack was originated by a group coordinating over group chats on Steam and IRC. So instead of relying on botnets, a group of human volunteers were involved in these attacks.
In another incident, the attack was carried out against the target’s DNS server instead of opting for a sustained attack against the target directly. Although bursts lasted for several minutes, it caused difficulties reducing the severity given the sensitivity of DNS servers. The burst system also ended up causing defenders to feel exhausted over a long period of time.
“Both of these attack types illustrate how attackers are always adapting to new defenses to carry out their nefarious activities. These attacks, coupled with the record-breaking 1.35 Tbps Memcached attacks from earlier this year, should serve as a not-so-gentle reminder that the security community can never grow complacent,” said McKeay.