FireEye, a company specializing in e-security solutions based on threat intelligence, recently disclosed the spread of a malicious campaign attributed, to a reasonable degree of confidence, to the APT28, which targets the hospitality industry.
The company revealed a malicious document used to target multiple hospitality companies, including hotels in at least seven European countries and one in the Middle East.
As part of these attacks, the APT28 uses unique targeting techniques in its campaign, such as stealing passwords from data flowing over Wi-Fi networks, blocking the NetBIOS Name Service, and then spreading widely through ETERNALBLUE, Microsoft Windows operating system.
Electronic espionage activity against the hospitality industry is usually concentrated in gathering information about or about important hotel guests, not about the hotel hospitality industry itself, although active threators may also collect information about the hotel as a means of facilitating attacks.
While the ultimate goal of this campaign is still unknown, there are indications that the APT28 is seeking to penetrate government and business travelers 'data through remote access to the hotel' s Wi - Fi networks.
In foreign countries, these travelers often have to rely on insecure networks as they should, unlike the secure network they are accustomed to using in their companies, or they may not be aware of the additional threats they are exposed to abroad.
It is possible to steal personal identification data remotely or via an attacker's tool located near or on the same Wi-Fi network. Personal identification data is then used to penetrate the victim by logging on to the victim's computer, publishing malicious software, or signing in to an Outlook Web Access account. Through this tactic, an individual authentication factor is used for the user without any interference from the victim.
"The last thing travelers need to think about on their holidays is to fall victim to an electronic attack, but unfortunately our analysis shows that they are targeted," said Mohammed Abu Khater, regional director for the Middle East and North Africa at FireA. The hospitality sector may not be the sector that comes to mind when talking about cyber security attacks, but this goes only to show that all companies need effective defenses. This is particularly true in regions such as the GCC, where tourism is an important part of the economy. "
0 Comments