Boris Vaynberg

by Boris Vaynberg

VP and GM for Advanced Threat Detection

Posted May 14, 2019

It may be safer to fly in an airplane than to book your travel.

Email security dos and donts.jpg

While there is a very remote chance you will come to harm while flying, it seems that based on the news lately you can come to cyber-theft harm just through booking your flights.

Cyber criminals have been targeting airlines and succeeding. Let’s look at what happened to Cathay Pacific and British Air in the recent past.

Cathay Pacific Breach Affects 9.4 Million

According to Raymond Zhong in his New York Times article titled “Cathay Pacific Data Breach Exposes 9.4 Million Passengers”:

“Cathay Pacific, the Hong Kong-based international airline, acknowledged on Wednesday that its computer system had been compromised at least seven months ago, exposing the personal data and travel histories of as many as 9.4 million people.

The breach involved private user information, including phone numbers, dates of birth, frequent flier membership numbers and passport and government ID numbers, as well as information on passengers’ past travels. The airline said that 27 credit card numbers — but not their corresponding security codes — had been obtained, as had 403 expired credit card numbers.”

Although the Cathay Pacific breach is clearly huge, it is not an isolated case.

British Air Breach Affects 565,000

According to Carly Page of The Inquirer in her article titled “British Airways admits mega-breach hit additional 185,000 customers”:

“The firm originally said that the mega-breach, which was first made public at the beginning of September, saw hackers compromise the payment cards of at least 380,000 customers in a theft of data from the company's online booking systems.

In an updated statement released on Thursday, BA admitted that a further 185,000 customers may have been affected by the breach.

Its investigation, carried out with specialist cyber forensic investigators and the National Crime Agency, revealed that hackers "may have stolen" payment details, including CVV numbers, of an additional 77,000 customers.

A further 108,000 also saw their payment details, without CVV, "potentially compromised" during the incident."

Prevent, Don’t Remediate

At the risk of stating the obvious, prevention is the ideal form of protection. By leveraging solutions that use deep inspection and analysis methods that interpret and detect code in real time, you can immediately block threats from affecting your organization.

Your selected solutions should make no assumptions on threat heuristics and behavior but actually assume that there is no legitimate reason for executable code to be present in a data file, it relies solely on identifying code existence on non-executables files.

Learn more here.

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

Boris Vaynberg

by Boris Vaynberg

VP and GM for Advanced Threat Detection

Posted May 14, 2019

You may also like:

Threat Intelligence Best Practices for Lean IT Organizations - Part 1

Here’s why looking at indicators o…

Here’s why looking at indicators of compromise isn&rsq… Read More >

Joshua Douglas

by Joshua Douglas

VP, Threat Intelligence

Posted Apr 30, 2019

Compliance Supervision: More Than Checking a Box

Compliance supervision reviewers face bi…

Compliance supervision reviewers face big challenges. It doe… Read More >

Garth Landers

by Garth Landers

Product Marketing Director, Archiving

Posted May 07, 2019

Securing the Department of Homeland Security Way

Learn how the DHS recommends you approac…

Learn how the DHS recommends you approach cybersecurity. Ho… Read More >

Boris Vaynberg

by Boris Vaynberg

VP and GM for Advanced Threat Detection

Posted May 10, 2019