I wanted to reach out to put some news on your radar (if it’s not already). Holiday Inn owner, Intercontinental Hotels Group (IHG), has confirmed the company has been hit by a cyber-attack.
IHG, which has some of the world’s largest hotel chains, issued a statement saying it was investigating “unauthorized access” to a number of its technology systems. The UK-based company said its “booking channels and other applications” had been disrupted since Monday. This continues a worrying trend following breach in 2017.
Threat actors are extremely ruthless individuals and are like bees to honey when it comes to picking their targets. Hotels are a regular target as they hold lots of guest data due to needing addresses for check in, and deeply established loyalty programs. In the past we have seen the Marriott hotel suffer a similar fate to Holiday Inn.
Unfortunately, this is not the first cyberattack that Holiday Inn has experienced, with breaches in 2017 and one last month in Istanbul. Once cyber criminal groups know that an organization can be breached, it can encourage further attacks. Cyber criminals are inspired by one another’s crimes, and sometimes even try to get one-up on each other.
Ultimately, the people most affected by these kinds of breaches are security teams. They have the unenviable and stressful job of trying to find out where the original breach occurred whilst also fearing a second wave of attacks. People who experience extreme amounts of pressure and stress are less likely to stay in their job, and in some cases leave the industry altogether.
It’s extremely alarming that 45% of professionals have considered quitting the industry due to stress, with the primary issue being the constant threat posed by ransomware and supply chain attacks. If the industry then lacks both personnel and skills, it means that attacks like these are going to become more frequent and have a greater chance of succeeding. Therefore, organizations need to start looking at cybersecurity differently.
Far too many businesses build their cybersecurity strategy on an “assume breach” mindset, but this is not enough. The latest malware and techniques used by threat actors can evade solutions such as Endpoint Detection and Response (EDR), which work on a reactive and mitigation approach. Organizations must adopt prevention-first strategy if they want to stop this never-ending fear of being breached.
Businesses should be looking to stop cyberattacks before they are able to breach the network. We should not see threat actors being able to breach an organization’s endpoints as the norm either the first time or repeatedly moving forwards. A shift towards a prevention-first mindset can end this fear of waiting for the next attack.