Data Breach at Bookings.com

security breach1I have been watching the developments in the Bookings.com data breach story http://www.bbc.co.uk/Bookings.com  with particular interest. I have fond memories of my formative years in IT, working in Travel and Tour having spent my early days in the IT industry working for First Choice Holidays now part of TUI.

Our recent partnership with Cyber Spear has given me an opportunity to renew my interest in an industry I regard as being my home turf and any way travel people are always a joy to work with.

Unfortunately the organisations behind organised Cyber Crime also seem to feel that way as Travel and Tour seem to be firmly in the crosshairs of organised crime.

Instances APT or Advanced Persistent Threats targeted at commercial organisations are on the rise. This should come as no surprise as the perpetrators of APT are as much interested in accessing personal data as credit card information. In fact most typical data breach attempts are likely to be targeting information as the main priority, simply because credit card records have a limited shelf life.

It is not there-fore too surprising that Travel and Tour have moved up the list of desirable targets as the industry is awash with desirable data. So while the industry is looking to exploit Big Data the criminals are thinking Big Data Breach.

Technologies that give early detection and resolution of breaches such as Cyber Spear “Persistence” and a strategy for protecting information and slowing the progress of infiltrators to keep them from achieving their goals are the new realities that IT departments must come to terms with. In an age where your data may be actively being mined in APT attacks without your knowledge your best protection might be a canary in the coal mine.

The fact that Booking.com customers are being singled out for Spear Phishing attacks indicates a data breach has occurred at some level, whether by APT or as Bookings.com are claiming as a result of a sophisticated Social Engineering attack is largely irrelevant. The criminals have executed the first part of the plan by gaining high quality information on bookings made by Bookings.com clients and are now in the process of exploiting that information.

Organisations need to be aware that the old model of protecting the perimeter is no longer an option. Infiltration of the network at some stage can now almost be assumed. An agile and multi layered strategy and clearly defined DR strategies that are triggered by events such as those currently taking place around Bookings.com are needed to cover a fast developing situation that can quickly develop into a P.R. nightmare. Where in this case Bookings.com and their suppliers seem to be at odds over the origin of the leaked information.

We are in the advanced stages of planning seminars with our partners Cyber Spear that will outline our layered approach which has Cyber Spears‘ APT & threat detection product “Persistence” literally at its heart. We will describe strategies from the technical point of view and best practice from a legal, H.R. & P.R. perspective to help you cover those Data Protection Issues while making sure you have covered all of the bases in your Disaster Recovery Plan. As recent experience at J.P Morgan  and now Bookings.com have clearly demonstrated it pays have a prepared plan to inform interested parties in a timely manner to minimise the damage to your hard won reputation.

To register your interest in coming to one of our IT Security seminars please email securityseminars@tamite.com and we will send you details as soon as they are finalised.

Gary Johnston  -Tamite IT – IT Security Consultant


Leave a Reply

Your email address will not be published. Required fields are marked *