Home / / Hackers target government and business leaders on holidays

Hackers target government and business leaders on holidays

Fireye uncovers hacking campaign against hotels that appears to looking for high profile guests

Hackers target government and business leaders on holidays
All businesses need to take adequate security measures, says Abukhater.

A hacking group appears to have targeted government and business leaders taking summer holidays, through a hacking campaign focused on hotels in Europe and the Middle East, FireEye reports.

The security company said that is has discovered a campaign that targeted hotels in Europe and the Middle East, that appears to be an attempt to compromise hotel's guest WiFi networks in order to spy on holiday makers.

FireEye said that the campaign seems to be the work of the APT28 hacking group, which it believes is a state-sponsored group run by a Russian intelligence agency.

APT28, AKA Fancy Bear, has previously attacked government targets in Europe and the US. The latest campaign against the hospitality sector appears to have started in the Autumn last year.

FireEye uncovered a malicious document that was used to target multiple companies in the hospitality industry including hotels in at least seven European countries and one Middle Eastern country. APT28 is using targeting techniques such as sniffing passwords from Wi-Fi traffic and by poisoning the NetBIOS Name Service and spreading laterally via the ETERNALBLUE exploit, vulnerability in Microsoft's Windows operating systems.

The security company said that the activity appears to be geared towards collecting information from guests, through hotel's WiFi networks. Credentials could be stolen from compromised networks either remotely or by an attack PC on the same WiFi network.

 "The last thing holidaymakers want to think about on their vacation is falling victim to a cyber-attack, but unfortunately our analysis shows that they are being targeted. The hospitality industry may not be one that immediately comes to mind when talking about cyber security attacks, but this just goes to show that all businesses need to have effective defenses in place. This is especially true in regions like the GCC where tourism is an important part of the economy," said Mohammed Abukhater, Regional Director, Middle East and Africa, FireEye.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.