Holiday goers warned to remain vigilant due to increased cyber risks

As the summer vacation season approaches, Check Point Software Technologies Ltd. a global cybersecurity provider is warning the public to stay vigilant due to the increased cybersecurity risks for both individuals and organisations.  

Despite airport delays, rising costs and continued uncertainty over COVID-19, international travel this summer is expected to surge 11% above pre-pandemic levels. In their rush to catch up on what, for some, is their first holiday in three years, travelers are likely to let their guard slip when it comes to cyber security and take risks with their online activity that they would not contemplate when sitting at a workstation.

Cyber criminals are well aware of this vulnerability and if anything, step up their efforts over the summer season. According to Check Point Research (CPR) Threat Intelligence Report, the global average number of weekly attacks on organisations in travel and leisure has gone up by 60% in June 2022 compared with the first half of June 2021.

In the period May to August 2021 attacks in these sectors saw a 73% rise and this year is likely to see a similar spike with one of the key trends being hackers impersonating established brands with phishing attacks, as holidaymakers look for last-minute breaks and late availability travel, hotel and attraction deals.

A holidaymaker clicking on a phishing email or exposing their login details over an unsecured public Wi-Fi connection could present a personal risk, in terms of credentials theft and also lead to financial loss. However, there is also an even more serious risk to their employers. The trend towards so-called hybrid holidays, where people work remotely for part of the summer break, makes this an even more realistic threat. Personal laptops, tablets or mobiles will often provide easy access for criminals into corporate networks, especially if BYOD devices have not been adequately secured.  

Meanwhile corporate networks themselves are more vulnerable at this time of year or indeed around long weekends and public holidays throughout the year. With security operations teams working at reduced staffing levels, cyber-attacks can go undetected until it’s too late and the damage has been done. A typical example of this was the ransomware attack on the Kaseya network on 4 July 2021 by the Russian speaking REvil criminal gang which impacted over 1000 organisations around the world in addition to around 15 similar attacks per week over May and June according to CPR. 

Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East said: “For many of us, this may be the first time we’ve travelled abroad since the pandemic and as such there may be certain elements of our travel routines that we may have forgotten about, including our cybersecurity hygiene habits. This is music to the ears of opportunistic hackers looking to take advantage of laid-back attitudes and unprotected devices. This presents a risk to the individual and in our hyper-connected world, to any organisation they communicate with, including their employer.” 

By planning ahead, individuals can look forward to their vacation, knowing that they have taken the simple but necessary precautions to secure their devices while at the same time protecting the networks of their employers. This is why Check Point have put together ten top tips to help consumers stay safe during the summer months.  

Top tips to keep your devices secure 

• Treat public Wi-Fi spots with caution.  Free Wi-Fi access is appealing, but it can also pose some serious security threats. It’s not uncommon for hackers to sit at airports, waiting for travelers to go onto public Wi-Fi networks, so that they can prey on the unsuspecting travellers. Avoid unsecured Wi-Fi networks completely if possible but if you must use them, avoid accessing personal accounts or sensitive data while connected to those networks. 

• Beware of “shoulder” surfers. The person sitting next to you on your plane or while you’re waiting for your plane to board could have malicious intent. Someone can be looking over your shoulder while you enter in credit card details or while you’re logging into social media. It’s smart to get a screen privacy protector, which can help hide your information from prying eyes. 

• Double-check the websites you book travel on. Travel-related cyber-attacks can occur even before the trip begins, so it’s crucial that you verify the travel website you use. Scammers like to imitate authentic sites and pretend to offer luxury vacations or discounted trips, to steal your personal information. If a deal looks or sounds too good to be true, it probably is. Before moving forward, research the company offering the deal extensively. Use a credit card for travel transactions rather than your debit card. Credit card companies often have fraud protections in place should you fall victim to cybercrime, whereas with a debit card, your money is likely gone.  

• Use multi-factor authentication. When on holiday, you may have to gain access to important services that contain confidential or financial data. To keep yourself safe, use a multi-factor authentication (MFA) process to make sure that you are the only person able to access those services and are notified if an unauthorised person is attempting to log in. 

• Download the latest security patches. Before getting ready to leave for your trip, make sure that all of your devices have been updated with the latest security updates. This will keep them protected from the latest known threats. 

• Be suspicious of cash machines. Avoid withdrawing money from cash machines as hackers, especially in tourists’ areas, are known to plug in credit card credential stealers on standalone ATM machines. If it is necessary to use one, find an official bank machine, preferably one located within your trusted bank’s lobby.