13
Wed, Nov
5 New Articles

IBM Security: Cybersecurity Threats Growing In Travel and Transportation Industries

Security News
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times
Transportation grows to second-most targeted industry for cybercriminals in 2018; New survey finds that more than 70% of travelers have exposed themselves to cyber risks through high-risk behaviors
 
IBM Security today issued new research highlighting that the travel industry and its customers are increasingly the targets of cyberattacks as criminals seek to monetize highly valuable travel data. Compounding the problem, a new survey conducted by Morning Consult on behalf of IBM Security1 reveals that travelers are still blind to the risks they face on the road. The survey found that only 40% of respondents believed it was likely they would be targeted for cybercrime while traveling, yet 70% are engaging in high-risk behaviors while on the road.

Attacks in the travel and transportation industry are becoming more frequent, opening already unwary travelers to cybersecurity threats during their journeys. According to the 2019 IBM X-Force Threat Intelligence Index, the transportation industry has become a priority target for cybercriminals as the second-most attacked industry—up from tenth in 2017— attracting 13% of observed attacks. Since January 2018, 566 million records from the travel and transportation industry have been leaked or compromised in publicly reported breaches.

"Traveling has always been when people are more vulnerable. A few hundred years ago, the perpetrators were pirates or highwaymen. Now those criminals are still out there, but they've changed their methods to focus on digital attacks instead," said Caleb Barlow, Vice President of X-Force Threat Intelligence at IBM Security. "People carry a goldmine of data when traveling including passports, payment information and detailed travel itineraries. When placed in the hands of a cybercriminal, all of this information can be patched together into a complete picture of the traveler's life to inform identity theft, initiate spear phishing attacks, or be sold on the dark web."

Traveling a Dangerous Road
Traveling can make people more vulnerable to security threats than they are at home. On the road, people tend to be distracted and overwhelmed, often opting for convenience over security. At home, they may have safeguards like controlling physical access to devices and setting up firewalls to prevent digital intrusions, but on the road, they might be more exposed.

Morning Consult conducted an online survey on behalf of IBM Security to understand exactly how much risk travelers expose themselves to while away from home, and found most Americans engage in high-risk behaviors while traveling. More than 70% of Americans surveyed have connected to public Wi-Fi, charged a device using a public USB station, or enabled auto-connect on their devices which puts their information at risk.

Business travelers are even more likely to engage in risky behaviors. Nearly half (45%) of business travelers carry a device with valuable or sensitive information on it, yet business travelers admitted much more frequently to risky behaviors such as:

  • Connecting to public Wi-Fi—42% of business travelers do this every time or very often vs. 34% for personal travelers do this every time or very often
  • Charging a device using a public USB station—40% of business travelers do this every time or very often vs. 28% of personal travelers do this every time or very often
  • Enabling auto-connect on their devices—39% of business travelers do this every time or very often vs. 30% of personal travelers do this every time or very often

Travelers are acutely aware of the risks to their financial information with more than half of those surveyed saying that they are extremely or very concerned that their credit card (53%) or other sensitive digital information (52%) will get stolen when traveling. That number drops significantly when they are not traveling, with only 40% similarly concerned that financial information will be stolen at home and 41% that their digital information will be stolen at home.

Digital Guardrails for a Safer Trip
As the 2019 summer travel seasons begins, it is important for travelers and travel and transportation companies to understand the threats facing them and take precautions to help protect their sensitive data. Cybercriminals are drawn to the travel industry because of the wealth of data it holds and the economic value it drives.

Travel is a profitable industry, with travelers spending $1.1 trillion in 2018 and supporting 15.7 million jobs in the U.S., according to the US Travel Association. This year, 43 million Americans will travel during the Memorial Day weekend to kick off the summer season, giving financially motivated hackers plenty of individual targets for their attacks.

Some digital safety tips for travelers include:  

  • Monitor Loyalty Rewards: Your loyalty information and rewards are as good as cash to cybercriminals. Monitor accounts for unusual activity, use strong passwords, set up multifactor authentication where possible.
  • Choose Your Wi-Fi With Care: It's easy for cybercriminals to host Wi-Fi networks in public places to collect data such as credit card information and more. Even legitimate networks hosted by establishments can be open to digital eavesdropping. Avoid public networks if you can; and consider using a VPN for additional security.
  • Bring A Backup Battery: Free USB power charging stations may come with a cost you can't see. Cybercriminals can modify USB connections to download data from your phone or install malware without your knowledge. Instead, bring your own battery bank to recharge your phone when you're low or use traditional wall plugs instead of USB ports.
  • Turn Off Unneeded Connectivity: If you don't need it, turn it off. This includes Wi-Fi, Bluetooth, and auto-connecting to networks.
  • Shred Your Tickets: The little scraps of paper from your tickets, boarding pass, luggage tag, or hotel folio may seem useless and harmless after you complete your trip, but savvy criminals can gather a lot of information about your loyalty rewards program from them. Be sure to save them until you can destroy them appropriately by shredding.
  • Be Smart When Paying: Don't use your debit card at stores or restaurants that may not have the security to protect their point-of-sale systems. If you use an ATM, select one inside a bank branch or inside an airport, where the chance of tampering or skimmers on the ATM is reduced.

To learn more about travel and transportation security go to: https://www.ibm.com/security/industry/travel-transportation

The full Morning Consult survey results are available here: https://www.ibm.com/downloads/cas/ZP95XZ6O 

About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 70 billion security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide. For more information, please check www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.

IBM is a leading global hybrid cloud and AI, and business services provider, helping clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM's hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently, and securely. IBM's breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM's legendary commitment to trust, transparency, responsibility, inclusivity, and service.

For more information, visit: www.ibm.com.

BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: