Hotels, airlines, cruises and travel sites are under siege from crooks using fake or stolen account details to try to access accounts. Hackers have been using stolen or leaked account details to attempt to log in to accounts, using botnets to deliver attacks at industrial scale, according to recent research by Akamai.
While the use of bots to abuse stolen credentials continues to be a major risk for Internet-driven businesses across the world, the hospitality industry experiences many more credential abuse attacks than other sectors, according to this report.
Akamai researchers analyzed nearly 112 billion bot requests and 3.9 billion malicious login attempts that targeted sites in this industry including airlines, cruise lines and hotels among others. Nearly 40 percent of the traffic seen across hotel and travel sites is classified as “impersonators of known browsers”, which is a known vector for fraud.
Geographic analysis of where attack traffic originated reveals that Russia, China and Indonesia were major sources of credential abuse for the travel industry during the period covered by the report, directing about half of their credential abuse activity at hotels, cruise lines, airlines, and travel sites. Attack traffic against the hospitality and travel industry originating from China and Russia combined was three times the amount originating in the U.S.
“These countries have historically been large centers for cyberattacks, but the attractiveness of the hospitality industry appears to have made it a significant target for hackers to carry out bot-driven fraud,” said Martin McKeay, Senior Security Advocate, Akamai and senior editor of the State of the Internet / Security report.
Researchers can’t be sure why attackers in these regions of the world are so keen on attempting to breach accounts associated with the hospitality sector, but one likely explanation is that hotels and travel sites would be lucrative for organised crime gangs.
Hotels have everything from guest credit card data through to identity documentation that guests might be required under local laws to provide at check-in. This is exactly the kind of personal and payment data that would be considered valuable to hackers. Not only are hotel websites full of personal information, which can be used to commit fraud or even make purchases, a lot of them also offer users incentives and point-based reward systems which are open to abuse.
Earlier this year, another report by cybersecurity firm Distil Networks highlighted how malicious bots steal data and content and wreak havoc on websites, and found that airlines have the second-highest proportion of traffic from these bots. For airlines, bad bots accounted for 43.9% of all traffic on their websites in 2017. That puts the airline sector second only to gambling websites, which had 53.9% of their traffic from bots. It is also more than twice the average across all industries, 21.8%. Bad bots are used to automate a variety of harmful actions such as web scraping, competitive data mining, personal and financial data harvesting and digital ad fraud.