Verizon's 2020 Data Breach Investigations Report, which looked at 3,950 confirmed breaches, found the responsibility for breaches in the accommodation and food services industry is spread evenly among several attack types including malware, error and hacking via stolen credentials.
Financial gain is the biggest motivation—at 98% of all attacks—for these breaches of cyber security in the hotel industry.
To best protect against these attacks, hotel IT and security services should be looking at:
- Limitation and control of network ports, protocols and services
- Boosting boundary defenses
- Robust data protection measures
Prevention is better than cure, but of course, nothing is foolproof—there will be times when perimeters are breached. To detect these, ensure your IT security teams are fully up to date on the threat landscape and are vigilant about system protection. Data breaches must be identified and contained promptly because they can spread like wildfire.
There are some common indicators and event types that could indicate an intrusion in your systems, including:
- Unusually high system or network activity, or activity in unusual parts of the system
- The presence of unexpected software or system processes
- Configuration changes that can't be traced back to an approved action, such as added scheduled tasks or new software installed
- Unusual user activity, such as logging in at strange times or from unusual places
- Repeated system or application crashes
- Reports of unusual messages coming from your system or networks
If it's a ransomware attack, you could also receive a message directly from the attacker.
It's important to think beyond the organization's own internal infrastructure, especially as more and more services are moving to the cloud. While cloud-based and "as a service" applications continue to grow in popularity—they bring efficiencies, make maintenance simpler, are automatically updated—they also result in more exposure to security risks.
Good management is critical to good cloud security, with visibility and monitoring key to securely running any cloud environment. It can pay to work with independent partners to shore up these security protocols and manage risks.