Cybercriminals exploit high travel and vacation seasons

As Labor Day approaches, recent data indicates that cybercriminals are taking advantage of the increased traffic to carry out their attacks. The data comes from Cequence’s research team, which discovered that all of the top 10 travel websites were vulnerable to public-facing vulnerabilities. Among these websites, four had a high percentage of critical vulnerabilities. Additionally, eight of the top 10 organizations had unmonitored or unmanaged public-facing servers for non-production/internal applications, with one organization having over 300 such servers, creating potential entry points for malicious actors.

The research identified a trend: peak seasons in various industries often coincide with a rise in cyberattacks. For example, during the peak of the hospitality industry’s season, there may be an increase in DNS queries and DDoS attacks. The winter travel season, starting in October, could see an uptick in traffic that cybercriminals could use to mask their attacks.

William Glazier, Director of Threat Research at Cequence, warned, “Travelers are particularly vulnerable during peak vacation times, as cybercriminals take advantage of the opportunity to strike. Our research highlights the serious threats posed, including financial losses, identity theft, and travel disruptions for consumers, as well as reputational damage and legal issues for businesses. Frequent cyberattacks can erode consumer trust in digital platforms. To mitigate these risks, organizations should prioritize API security, while travelers should remain vigilant and practice strong cybersecurity measures.”