T3CH 2019: Travel now the second most targeted industry by cyber criminals, says IBM

‘Travel firms have so much data about individuals, malign actors can glean an enormous amount of intelligence’

Travel has risen to become the number two most targeted sector for cyber criminals, a security expert from IBM told this week’s IBM first T3CH conference in Madrid.

Caleb Barlow, vice president IBM security, said travel firms have so much data about an individual malign actors online can glean an enormous amount of intelligence out of it.

He said for some nation states this data “tells you a great deal about political motivations, what business deals they are about to make and who they associate with”.

“You have to think about the data sets you hold on people, not only personal information but also their opinions and beliefs. That’s what the [cyber criminals] are after.

“That’s why the travel industry has moved to number two as the industry more likely to be attacked.” Financial services remains the world’s most targeted sector.

Barlow said when a large scale cyber security breach happens everyone in the organisation has a role, not just the IT department.

IBM has created an X-Force threat intelligence division as part of a $200 million investment in global incident response services.

It also has a mobile Cyber Tactical Operations Centre which is a simulator for firms to practice their response to cyber attacks.

Barlow set out the general pattern of a largescale cyber attack in which the criminals conduct a series of attacks on systems over an extended period of time punctuated by no activity.

He said this tactic ensure a firms’ IT security team become disintegrated in any unusual activity and so by the time they launch their full scale attack the malware they are using is in back-up systems.

“Are you ready? Are your teams ready? Have you thought about what might happen? Have you practiced? Have you thought about all the permutations about what might go on?

“We fine people struggle making decisions in crises. They slow down, make decisions with data and try to build consensus.

“People are not prepared. You are going to have to make decisions in a hurry with limited data. The way you win is to make decisions faster than your adversary. You are up against a human being who can pivot.”

Hacker Elazari, a professional hacker from Tel Aviv Israel, told delegates that firms should embrace the hacking community.

She said they are the “immune system for industry” because “criminals are evolving much faster than a lot of the traditional industries” and friendly hackers can find vulnerabilities before the criminal do.

“Friendly hackers are helping by finding bugs and software vulnerabilities,” she said. “We need these outsider hackers to help us. In fact they might be the key to our future. Hackers can give us a glimpse of the future.”

Jeff Troy, president and chief executive of Aviation Information Sharing Analysis Centre (ISAC) said it was important that everyone in the sector has their shields to provide full protection.

“There is so much shared risk inside the industry and what we need is a little bit of transparency to know that everyone who owns that risk has their shields up.”