An Increase In Malicious Activity Generally Coincides With An Increase In Travel Demand
Cybercriminal activity in the airline sector is anticipated to spike as the industry begins to recover from the pandemic. As bookings increase, hackers will be increasing their site crawling activities, looking for vulnerabilities and easy targets.
Recovering from attacks is time-consuming, resource draining and costly during normal times. With many travel organizations facing financial difficulties, cybersecurity neglect is bound to catch up with many of these organizations.
Price Scraping…A Double Edge Sword
Web scraper bots collect pricing and fare information. This activity is both beneficial and harmful to airlines.
On the one hand, airlines benefit from these scraper bots. Aggregation and booking sites employ these bots to automatically obtain pricing and fares from participating travel sites. Increased bookings from these aggregation sites represent a substantial revenue channel for many airlines. With revenue based upon the aggregation site’s sales performance, airlines can defray direct sales costs.
Competitors also utilize web crawler bots to obtain price comparison data. This makes it easy for rivals to steal customers by offering lower price alternatives, undercutting special offers and garnering auxiliary sales that they would not otherwise make .
Availability Scraping…Similar To Price Scraping But With Additional Problems
No only do web scraper bots collect pricing and fare information, they also collect availability information. This activity is both beneficial and harmful to airlines.
The Benefits. Web scraper bots provide authorized aggregation and booking sites the ability to automatically obtain availability information from participating travel sites. Many airlines rely upon these sites for bookings.
The Threats. Competitors and hackers use web crawler bots to not only obtain availability information, but also to damage an airline’s brand reputation and customer experience by holding reservations, reducing availability and slowing the booking reservation engine.
How Malicious Bot Attacks Work
Hackers will deploy generalized bots, which perform a scan of a website and online infrastructure looking for vulnerabilities they can penetrate. On the surface, these “crawler bots” appear harmless, behaving in a similar manner Googlebots. They simply crawl a site, page by page reviewing its content. This first stage, reconnaissance work, enables cybercriminals to automate their penetration testing in bulk. The resulting vulnerabilities are categorized and targeted through custom bots designed to penetrate the specific vulnerabilities.