Why Hackers Target Airlines and The Travel Industry

The travel industry has been hit hard by cyber criminals in the past couple of years, with cyber fraud attempts on the sector increasing by 155.9% in the second quarter of 2021 alone. Traditional enterprises like airlines and airports have always been a hot target for cyber criminals, accounting for some of the largest data breaches in the travel industry. And many hackers are exploiting the industry in response to the COVID-19 pandemic, assuming that the sector’s focus will be on complying with new public health guidelines, rather than protecting customer data.

Why do hackers target the travel industry?

Big breaches offer big rewards, and even in the wake of the COVID-19 pandemic the US travel industry is worth $545.11 billion and is responsible for some 15.7m jobs. The nature of the data that travel companies collect also makes the industry an attractive target. Personally identifiable information (PII) gleaned from passports, IDs, and travel itineraries can be used in identity theft, resale, and spear-phishing campaigns. And the prices that these records command reflect their value; US passport details can sell for as much as $3,500 on the dark web, in comparison with stolen driver’s license numbers, which are worth around $20.

Another vulnerable form of currency are travel loyalty rewards, of which 1 billion dollars’ worth are stolen every year. Though they may not seem like a valuable target, most people don’t monitor their rewards programs closely, so these can be cashed quickly and lost forever — a low-risk, high-return treasure trove for hackers.

The challenge of legacy systems

Some of the biggest and most damaging breaches of passenger PII have been among airlines. In 2020, British airline EasyJet confirmed that the personal information of 9m customers had been breached. The incident was one of the largest breaches to impact a UK business, resulting in the theft of 2,208 credit card details. This followed the 2018 Cathay Pacific Airways breach, which affected 9.4m passengers and was found to be a result of unpatched internet-facing servers and the use of operating systems that were no longer supported by the developer. Similarly, British Airways were criticized for using legacy infrastructure for their core reservation and flight scheduling operations, which ultimately led to a 2018 data breach that cost the company £183m in fines. As well as costly fines, data breaches can result in grounded flights, the remote control of planes, reputational damage, and a loss of passenger confidence.

The use of third-party providers for ticket booking, passenger processing, and boarding services can also increase the risk of cyber attacks. Airline technology provider SITA suffered a data breach in 2021 that accessed the Passenger Service Systems (PSS) of partners including Air New Zealand, United, Singapore Airlines, SAS, Cathay Pacific, and Finnair.

The demand for digitalization

Beyond the value of the data they hold, travel providers are also tasked with keeping up with customer demand for tech-enabled solutions like self-service kiosks, flight tracking technology, digital boarding passes, and mobile charging stations. But organizations need to balance convenience and safety, and the more data their passengers input into systems, the more damaging a potential breach can be. Additionally, 82% of travel bookings are now made online via a mobile app or website, without any human interaction. And with the online travel market continuing to grow, companies taking bookings digitally are potentially exposing more of their valuable customer PII to cyber criminals.

Securing passengers and staff

A 2020 survey found that only 55% of travel executives fully understood cybersecurity, 33% ‘partially’ understood, and 12% did not understand cybersecurity at all, with only 35% of airlines and 30% of airports seeing themselves as properly protected from cyber risks. But with 100% of carriers planning major cybersecurity overhauls by 2024, organizations should be looking to invest in protecting their passengers, easing cybersecurity efforts for their staff, and ultimately helping restore customer confidence post-pandemic.

To find the balance between customer experience and cyber safety, organizations should be able to detect and predict cyber threats before they hit their systems. Centripetal CleanINTERNET draws from 3,500 separate threat feeds to shield your business from 99% of known threats, creating a Zero Trust environment. By analyzing threats for you and delivering the relevant findings through our threat analysts, we alleviate the security burden on internal teams and allow staff to focus on your customers and critical business activities. CleanINTERNET saves your business millions of dollars on separate cyber threat intelligence feeds, helping you proactively monitor the ever-changing threat landscape and secure your customers, employees, and reputation.

Get in touch with our team to learn more about our cyber threat intelligence solution for the travel industry.


Experience how CleanINTERNET® can proactively protect your organization.