How hotels can benefit from managed SIEM

February 8, 2016 Arctic Wolf Networks

Modern hackers have developed a knack for striking in industries that are not necessarily obvious targets for cybercrime. Government, finance and health care, for instance, are well-known as high-profile targets due to their wealth of national intelligence, trade tips and personally identifiable information, respectively.

But cybercriminals aren't just interested in top-secret records and insider-trading tips. One of the newest hotbeds for hacker activity is hotels, and in the past few months, the industry has been hit hard.

Customer credit cards in the cross hairs

The first announcement of a hotel data breach in a recent string was made in September, when security specialists suggested that multiple credit card fraud incidents could be traced back to the Hilton Hotel. According to independent reporter and cybersecurity researcher Brian Krebs, five different banks were able to pinpoint a common thread between the events. All of the affected credit cards had been used at one of the following Hilton properties: Doubletree, Embassy Suites, Hampton Inn and Suites, and the Waldorf Astoria Hotels & Resorts. The breach is known to have affected guests from April 21, 2015, to July 27, 2015, but Krebs noted that the incidents may have actually begun as early as November 2014.

Less than a month later, the Trump Hotel collection told customers and the press that it had been the victim of a year-long cyberattack. It noted in the announcement that any guests who paid at the hotels with a credit card between the dates of May 19, 2014, and June 2, 2015, may have been affected. Finally, in the most recent case of cyber-deja vu, the Hyatt informed guests just before Christmas that some of its properties fell prey to point-of-sale malware, believed to have lived in the system between Aug.13, 2015, and Dec. 8, 2015. They stated that the cases of fraud mainly affected cards that had been used at restaurants, adding that a small percentage of cards were used at other hotel amenities, including parking, golf shops and front desks.

All of these incidents share two very glaring commonalities. Firstly, the hackers were after credit card data. Secondly, and more significantly, it took months before the malware was first identified in the hotel systems. The latter aspect in particular highlights the growing need for comprehensive detective defenses in the hospitality industry. 

Managed SIEM catches threats early

As hackers become sneakier, and as malware becomes more sophisticated and harder to detect, organizations that have been blind-sided by cyberattackers will need to explore new ways to catch cyberthreats early. One method that has shown some success for enterprises is the use of security information and event management.

Unlike traditional preventative cybersecurity, SIEM services serve as eyes in the network, perpetually monitoring for unusual or suspicious activity that could be a sign of cybercrime. This helps organizations ensure that if hackers somehow manage to slip through the cracks, they can be swiftly caught in the act and dealt with.

If there was one caveat to traditional SIEM software, it was that it could take as long as six months to a year for deployment. However, by switching to a cloud-based model, SIEM services can now be deployed with relative ease, and at a cost that midsize businesses can afford.

With managed SIEM, organizations get more than software. They get mine-sweeping for enterprise networks that is operated and managed by cybersecurity specialists.

Given the difficult-to-detect nature of malware currently in rotation in major hotel chains, this exactly the type of detective capability that may be called for.  

Cybersecurity news and analysis brought to you by Arctic Wolf, leading provider of managed SIEM services.


Previous Article
The need for better cybersecurity in education has become apparent

Hackers are hitting educational institutions left and right, and they have been for quite some time. 

Next Article
The cyberthreats of 2016 warrant managed SIEM

With hackers' ambitions big and getting bigger, managed SIEM will play an important role in ensuring networ...


Want cybersecurity updates delivered to your inbox?

First Name
Last Name
Thanks for subscribing!
Error - something went wrong!