Tourism industry warned hackers target visitor data
The local travel industry has grown more competitive in securing bookings with a continuous rise in the number of tourist arrivals in the country. Last year, the Department of Tourism posted a record-breaking 7.1 million international tourist arrivals, surpassing the 6.6 million arrivals in 2017 by 7.68 percent despite the six-month closure of Boracay. An influx of this magnitude and the amount of personal information it comes with call for industry players to strengthen cybersecurity measures even more.
The Philippines is an attractive destination not only for tourists but also for hackers. In fact, cybersecurity experts predict that the Philippines will be among this year’s most targeted countries in the ASEAN region for malware designed to avoid detection and possibly be a launch pad for other cyber attacks. ePLDT is thereby urging airlines, cruise lines, car rentals, hotels, and tour operators to be extra cautious when handling their customers’ information.
“It’s easy to get caught up in the overwhelming demand for travel services especially during peak seasons like summer but strengthening cybersecurity measures must always be a priority. Clients are entrusting confidential information. Hence, it is the service providers’ responsibility to handle it well,” said Angel Redoble, First Vice President and Chief Information Security Officer of ePLDT Group, PLDT Group, and SMART.
Cybercriminals infiltrate systems in various ways, one of which is by pretending to be customers and then luring salespersons into believing they have lost their reservation details. When the fake customers are asked to give personal information for checking, they propose to send it via email and do so with an attachment of data-stealing malware, which automatically downloads once clicked. The malware then breaks into payment systems where it collects loads of personal data such as credit card information.
Another thing to be wary of is a “rogue hotspot” or a Wi-Fi access point set up by an attacker that mimics a legitimate hotspot provided by airports, hotels, coffee shops, etc. Victims that connect to such rogue hotspots usually have no idea about the dangers awaiting them because the attacks use familiar network names. An attacker can collect sensitive user details and credentials like account names, passwords, credit card details, and the like just by eavesdropping on the network traffic. In some cases, attackers may push out malware to a victims’ device or redirect victims to malicious sites or servers that will infect them with malware.
Having the right cybersecurity solutions in place, coupled with sufficient user awareness campaigns, can curb such incidents. It is essential to invest in people, processes, learning and awareness, and of course, technology. In the event there’s an absence of these, working with a trusted partner like ePLDT can address this concern. ePLDT’s class-on-its-own cybersecurity portfolio includes an end-to-end SOCaaS (Security Operations Center as a Service) offering, which companies can subscribe to for monitoring, alerting, incident analysis, response, and threat intelligence.
“With digital transformation comes a number of challenges in security compliance and data protection. ePLDT is extending its expertise to organizations to help them set up reliable and resilient systems that promote the safety of customer data, which is vital to business resilience,” said Nerissa Ramos, Senior Vice President and Chief Operating Officer of ePLDT.
To get ahead of these cybercriminals, the best way is to implement cybersecurity measures and solutions that will predict and prevent attacks from infecting systems in the first place. By employing available technology, businesses will be able to ensure the security and privacy of data entrusted to them, inasmuch as they ensure the physical safety of their establishments. ePLDT’s Managed Security Platforms, on the other hand, provide deep inspection capabilities and multi-level protection through technology partnerships combined with best practices and local security expertise.
“We are working hard to deliver effective, end-to-end cybersecurity services for businesses—regardless of their industry—so they can protect themselves against emerging cyber attacks,” said SVP and Head of PLDT and Smart Enterprise Business Groups Jovy Hernandez.
Apart from Cyber Security services, ePLDT delivers best-in-class digital business solutions up to par with global standards which include Data Center services, Cloud, and Managed IT Services. To know more about ePLDT, visit www.epldt.com. Leave IT to us. Let IT Be ePLDT.