Security Update – 27 August 2009

Radisson Hotels & Resorts has stated that its computer systems were subject to illegal access between November 2008 and May 2009, with an unknown number of people being affected. The security breach is thought to have affected some of Radisson’s hotels in the United States and Canada.

Radisson admitted that customer credit card numbers are likely to have been accessed, with the hotel chain warning its guests to keep a close watch on their accounts for unauthorised purchases. The cyber-attack was allegedly only discovered after several credit card companies contacted the hotel giant. Particularly concerning is the fact that the illegal penetration of Radisson’s computer systems occurred for more than half a year.

International Operations Group - Analysis

Cybercrime is increasing at an alarming rate with a recent study by the computer security company Panda Security finding that there has been a 600 percent increase since 2008 in the number of computers being affected by malware engineered to steal personal information. Data breaches cause great financial damage to organisations. A Ponemon Institute study of 43 companies carried out earlier this year reported that the average cost of a data breach now stands at about US $6.6 million. The study also found that 88 percent of all data breach cases in 2008 could be traced back to insider negligence.

The global financial crisis and a huge black market for bank card and account information are contributing to the rapid increase in cybercrime. The number of phishing emails seeking personal banking information has increased dramatically during the financial crisis with numerous banking takeovers and changes. Although email systems have traditionally been the primary method for distributing malware, social sites (including facebook and twitter), infected web pages and fake antivirus software have also become major malware attack vectors.

Data protection laws are becoming increasingly stringent and data losses and breaches lead to massive reputational as well as financial damage for organisations. As the economy worsens, cyber security should be of utmost importance as both the governmental and private sectors become more susceptible to data theft and industrial espionage. Organisations should ensure that they are aware of potential risks and have robust policies and technological measures in place to protect confidential data.

International Operations Group - Services

Cyber security requires strong intelligence and an increased awareness of potential vulnerabilities in corporate, utility and governmental systems. International Operations Group can offer methods of improving cyber defence standards for both companies and governmental organisations. Our intelligence and screening systems help to ensure secure networks. We are also able to provide advice on internal business risk mitigation and network assessments.

Please email us at intel@interopsgroup.com or telephone us on +61 2 8003 3933 for additional information or confidential support.

For more information on our fee-based intelligence updates or bespoke reporting, please email Rob Stevenson - rob@interopsgroup.com. Rob can also be telephoned directly on +61 [0] 420 244 909.