Cyber Wars on the Travel Road 2022 Edition

April 27, 2022 | rjmcgarvey | Consumer affairs, InfoSec, Travel

By Robert McGarvey

Business travelers have been sidelined for two years, thanks to the pandemic, but you know who has not been sidelined: hackers, cyber criminals, and a huge cast of malefactors in Russia, China, Iran, and, yes, of course the United States who want to take advantage of road weary travelers who too often let down their guards and thus are easy marks.

So I was not surprised when I saw that the World Travel & Tourism Council had worked with Microsoft to generate a report on cyber risks and travel, a business that is exceptionally vulnerable because, per WTTC data, 80% of the players in travel are small and medium sized businesses and that group generally has been laggard in arming up to thwart cyber attackers.

Phocuswire reported: “Julia Simpson, WTTC president and CEO, says: ‘Technology and digitalization play a key role in making the whole travel experience more seamless, from booking a holiday, to checking in for a flight or embarking on a cruise.

‘But the impact of cyberattacks carries enormous financial, reputational and regulatory risk.’”

Reprising Capt. Willard

That quote put me in mind of Martin Sheen’s Captain Willard as he passed time in a Saigon hotel room waiting for his mission in Apocalypse Now.  Muttered Willard, “Every minute I stay in this room I get weaker and every minute Charlie squats in the bush he gets stronger.”

YouTube video clip (two minutes) here.

As we have grown soft sipping Scotch nursing our memories of hotel rooms past the cyber bad actors have grown tougher, smarter, hardened and hungrier.

And as we go out on the road again we will be prime targets.

The Leaky Sieve Travel Industry

The WTTC/Microsoft report gloomily set this stage: “Cyber criminals tend to be opportunistic and will exploit any possible area of vulnerability, from a payment process to a loyalty programme. While loyalty programmes enhance the travel experience by creating reward opportunities based on travel, they are also a target of cyber criminals. These programmes contain sensitive data which makes them susceptible to attack, underlining the need to treat these programmes as part of the larger eco-system of the business.”

The report also noted: “According to Kelly White at Mastercard, ‘most people assume and expect security and privacy,’ both in how the data is being used and stored. This highlights the trust consumers have had in their providers, even in the absence of overt safety measures.”

Face this fact: your security on the road is on you. That includes taking personal responsibility for safeguarding your personal data and credit card info when dealing with travel providers.

You cannot trust travel providers. They have been cyber leaky sieves for decades and there is no question that in the past two years of economic oblivion most have grievously neglected their cyber security.

Hotels, airlines, cruise ships have lost literally billions of dollars in the past two years.  What budget item haven’t they cut?

Depend on them to protect you and, honestly, make sure you pack a rosary and dutifully say your prayers on the road because you will definitely need God’s help.  

6 Steps to Better Road Safety

What steps should you take to stay cyber safe in 2022:

  • Do not use public WiFi.  Use your phone to create a personal hotspot — cellular data is vastly safer than public WiFi.
  • If you must use public WiFi, always have a VPN as a filter.  And never use a free VPN
  • This all is definitely true for hotel WiFi – don’t use it and if you must use a VPN.
  • Regularly check loyalty points totals – the sooner you blow the whistle about a theft the more likely matters will quickly resolve in your favor.  Even smarter: drive your totals down as near as you can to  zero. Loyalty points spent cannot be stolen. 
  • Never, ever use a debit card at a hotel, airline, saloon, or restaurant. Your federal protections are much stronger with credit cards.  
  • When traveling – especially abroad – use a credit card that has built in chip and PIN protection.  That means you need to enter a four digit code to complete the transaction. This is vastly safer than the US standard of chip and signature.  Personally I use Diners Club card. Here are others noted by WalletHub. 

Look, I too want travel businesses to read and act on the Microsoft report which is stuffed with suggestions for toughening defenses.

But I am not optimistic.

Trust no one in the travel industry.

Leave a Reply

Your email address will not be published. Required fields are marked *