Hospitality industry facing more bot-based credential abuse attacks: report

By Espie Angelica A. de Leon

Cloud service provider Akamai Technologies has just released its “Summer 2018 State of the Internet/Security: Web Attack” report, which states that the hospitality industry is now being targeted by bot-based credential abuse attacks.

The report examines data from Akamai’s global infrastructure from November 2017 to April 2018. The company’s security intelligence response team, threat research unit, information security and custom analytics group provided input to the report.

Akamai Technologies head of security, technologies and strategy for APJ Fernando Serto and country manager Gerald Penaflor discussed these findings during a media briefing at Makati Diamond Residences on July 17.

The report said that while other Internet-driven businesses also had to contend with bots abusing stolen credentials, the hospitality industry experienced more of these threats.

Researchers examined about 112 billion bot requests and 3.9 billion malicious login attempts at airline, hotel, cruise line, and other sites. “Impersonators of known browsers,” considered a vector for fraud, constituted about 40 percent of the traffic around hotel and travel sites.

Serto explained that this is due to the voluminous data that can be acquired from these sites, with the availability of membership programs and credit cards on databases. The fact that the industry remains an immature environment in terms of security also contributed to its being an easy target.

In Asia, seven major hotel chains experienced data breaches in 2016, Serto related. Though not aware of any local hotel reporting a data breach, Serto believes that it will only be a matter of time before Philippine-based companies begin disclosing such cases to the government, citing Australia and Singapore, where it is mandatory for companies to immediately inform the government of data breaches.

The report further said that Russia, China, and Indonesia were the major sources of these bot-based activities. In fact, the amount of combined attacks from China and Russia was three times larger than that coming from the United States.

“There are bots out there that basically hijack booking sites,” shared Penaflor. “And you can sell it on retail.”

There are also business competitors or content aggregators who enter into partnerships with companies only to get the latter’s price points for hotel rooms or airline tickets. Then, they will sell their own at more competitive rates, said Serto.

To solve the problem, Akamai classifies these bots, taking into consideration the possibility that a bot is a client’s business partner or someone whom the client has allowed to see their prices.

“We can tap it to the gyroscope of the phone so we see if there’s any vibration while you’re browsing a website. We look into how you sleight your finger across the screen or a mouse. As soon as you click or interact with anything, we are able to make a decision if you are really a human or if you are a bot,” said Serto.

“If you shut down the bot, it will morph into another attack. So it will be difficult for you to catch it. That’s why we have a technique to mitigate,” Penaflor shared.

The two emphasized, however, that cybercriminals are targeting every industry, not just hospitality, banking, or healthcare.

The report also indicated that advanced distributed denial-of-service (DDoS) attacks are increasing, jumping by 16% from 2017 to 2018.