-
Travel Industry Faces Increasing Cybersecurity Threats: A Close Look – Image Credit Unsplash+
The Rising Threat of Cybersecurity in the Travel Industry
The travel industry faces an increasingly complex cybersecurity threat landscape, with technological advancements and distribution facilitating more sophisticated attacks. These threats concern industry experts as well as the general public, who are exposed to widespread scams, especially through online travel agencies (OTAs) and hotel groups.
Cyber Threats and Scams
According to Adyen’s Hospitality Report 2024, 71% of guests are concerned about the risk of fraud when booking travel. Airbnb reported that the most common types of fraud in the United Kingdom are credit card, phishing, and holiday scams. In response to these threats, Airbnb launched an awareness campaign in partnership with Get Safe Online.
Artificial Intelligence and Cybersecurity
Fraudsters are also exploiting artificial intelligence (AI), with nearly two-thirds of UK adults failing to identify AI-generated images of fake properties. Booking.com reported a significant increase in phishing attacks due to the prevalence of AI tools. Despite this, Josh Jacobson of cybersecurity firm HackerOne pointed out that most travel industry vulnerabilities are still considered ‘low-hanging fruit’ and are relatively easy for attackers to exploit.
Software Vulnerabilities and Consumer Protection
The Identity Theft Resource Center reported a surge in software flaws as the root cause of most data breaches. Brands often cannot prevent consumers from falling prey to these attacks and can only educate them about potential threats. Booking.com, one of the largest OTAs, continuously invests in advanced technologies like AI and machine learning to detect and block threats.
Threat from Third-party Vendors
The travel industry’s fragmentation and the increasing number of booking channels present another cybersecurity challenge. Experts warn that third-party vendors often lack robust cybersecurity protections, making them prime targets for supply chain attacks. The increased touchpoints of customer data with each new integration also increase the attack surface.
Future Threats and Protective Measures
Looking into the future, Andersen Cheng, CEO of cybersecurity company Post-Quantum, warns of a global threat called “Harvest now, decrypt later.” This involves hackers stealing large amounts of encrypted data and waiting for more powerful computers to unlock it. In response to this existential cybersecurity threat, Cheng recommends using “attestation” over “authentication” in the travel industry.
The Cost of Cyber Attacks
Businesses that succumb to fraud face severe financial and reputational consequences. Experts highlight that the cost-benefit of cybersecurity always favors the attackers, as they spend a fraction of what defenders do because norms and laws do not bind them.
The Role of Human Element in Cybersecurity
Despite the rising threats, the human element is a powerful and possibly underestimated protection against fraud. Experts suggest that educating employees and requiring them to take phishing and cybersecurity training could be one of the most effective measures to counter these threats.
Discover more at PhocusWire.
