We’re urging North West businesses within the travel and tourism sectors to strengthen their cyber security infrastructures, following concerns of heightened vulnerabilities during the busy summer season.

Back in March 2021, we saw Airline communications and IT specialist Sita be the victim of a cyber-attack, which involved passenger data. In May, Air India revealed that the attack had compromised the data of around 4.5 million customers, which was related to the SITA PSS security incident that affected major airline companies globally.

The leaked information included names, dates of birth, contact information, passport information, ticket information and frequent flyer data. Air India has, however, clarified that no passwords were leaked and credit card details and CVV numbers were not stored in the affected server.

In May of 2022, India's second-largest airline SpiceJet faced an attempted ransomware attack, which left passengers stranded in various airports across the world. Further flights were delayed and some passengers were left sitting on the runway for nearly four hours.

During the busy summer period, you’re vulnerable to cyber attacks

With passengers eager to get away this summer, the travel and tourism sectors are hoping to finally start recuperating some of their losses from 2020.

Could an overwhelming tourist demand blight the good cyber practices within these businesses? With such a drastic change to the ways businesses are now working, such as working from home, taking bookings and payments online. Does this leave businesses more vulnerable to attacks from hackers?

Concerns about the safety of corporate devices running on employee home networks or employees using their devices while working from home have been heightened recently. These concerns include businesses and their employees running the risk of letting their good practices in cyber-security become too relaxed, due to the notion of being outside an office environment.

To help businesses prepare we have created a Cyber Incident Response Pack, which contains documents to help support your business plan its response to a cyber incident. These documents are designed to complement any existing plans or assist you in creating one.

Remember to backup your data

Back up your data either in the cloud or on an external drive that isn’t connected to the network. Recovering your data should you become the victim of a ransomware attack is imperative to keep your business running.

Having backups stored securely and disconnected from your network ensures there is an air gap between your live data and the backup. If you can, encrypt that data backup, so you reduce the risk of your data becoming compromised.

Make sure your staff can identify phishing emails

As phishing remains the most common type of cyber-attack and results in the largest financial losses for businesses.

Phishing is a tactic used by criminals who try and trick you into clicking a bad link that can download malware or try to encourage you to hand over passwords or account details.

• No legitimate company will send emails using ‘@gmail.com’ or ‘@hotmail.com’.
• Look at the email address, not just the sender. Do they match?
• Check the spelling and grammar, is the domain, name, sender's name and signature spelt correctly?
• Did you expect to receive the email or attachment? Don’t open an attachment unless you are fully confident that the message is from a legitimate contact or company.
• Test your staff's resilience to phishing attacks through a Simulated Phishing Exercise.

When did you last update your passwords?

Make sure you are using different passwords for different accounts you use, make life easier by using 3 random words when creating a new password. For example ‘greenfiredbuttercup’.

You must prevent malware from infecting your devices

Ensure that you have an up to date antivirus installed on your computers. With devices like tablets and mobile phones, make sure you are updating the phone's OS (operating system) and any applications you are using.

Keep your devices safe, encourage your staff to have pin codes enabled at all times and use strong passwords for account logins. If staff are working on the go, beware of using public Wi-Fi networks. Don't connect to unknown Wi-Fi Hotspots (for example in a hotel lobby or service station), there is no way to easily find out who controls that Wi-Fi hotspot. If you connect your devices to these hotspots, somebody else could gain access to:

• Anything you're working on whilst connected to the Wi-Fi
• Accounts and login details that many apps and web services maintain whilst you're logged on.

If you are using payment terminals, the best practice is to lock away the terminals when they aren’t being used. Make sure you regularly check they haven’t been tampered with or damaged. Things to look for would be overlays on the keypad, a broken security seal or additional cable(s) that you don’t recognise, or scratches where the device has been opened.

For any devices that you are making available for public or guest use, you will need to ensure personal information from the previous user is not left behind. The easiest way to do this is to use a managed kiosk software package that automatically cleanses the PC of all data after each use. If you don’t use this type of software, you would need to manually clear caches, web history, print queues and any files created.

Don’t forget to check for any USB devices which are connected that you are unaware of, they could be found unseen, at the back or side of the device. This could be running any kind of malware, but likely is a key logger that could capture all info entered by guests, such as logins and passwords to online banking or credit cards for purchases.

Remember as a business you should continually review your security and the processes you have with your suppliers; requiring ISO certification and documented standards as a minimum. Watermarking your data can help you to identify third-party breaches faster and enable them to take action sooner.

Is your business ready for a Cyber Health Check?

We've designed a Cyber Health Check in collaboration with Police and ISO accredited Risk Managers, the outcome of this Cyber Health Check will provide your business with a summary of your Cyber Risks and an action plan which will help protect you against the latest cyber threats.

How can the Cyber Resilience Centre help businesses in the travel and tourism sector?

We have covered a varied but very high level, approach to cybersecurity in the travel and tourism sector, but if you need any other guidance or if you just need some help with your cyber security, we are here to help.

In the last 12 months, four in ten businesses (39%) have reported cyber security breaches or attacks, so there has never been a better time to improve your business resilience.

Keep your business safe by making your staff aware of the latest cyber security threats, with our Business Premium Membership which supports you for 12 months.

This membership includes Cyber Security Policy and Procedures Templates, a Simulated Phishing Exercise, Cyber Risk Exposure Assessment and a bespoke Cyber Awareness Training program that is tailored to your organisation and delivered to your staff in-person or online.

Unprepared staff are at a heightened risk of being caught unaware when working remotely or when returning to a business/office which has been closed for a while or when starting a new job.

Additional guidance on the latest cyber security trends, guidance for SMEs and ways to help make you more cyber resilient can be found here.