Travo Cyber Summit: Patch software to avoid becoming collateral damage in cyber wars

Travo Cyber Summit: Patch software to avoid becoming collateral damage in cyber wars

Barry Gooch, chairman of travel industry anti-fraud group PROFiT, said failure to address pre-internet vulnerabilities is still leaving firms open to becoming unintentional victims 

Travel firms could become inadvertent victims of the cyber wart being waged between Russia and Ukraine if they have not made sure their software is updated.

Barry Gooch, chairman of the industry anti-fraud group PROFiT, told Travolution Cyber Summit delegates that failure to patch software remains one of the biggest issues.

He said despite advances in technology and anti-cyber IT defences, the industry is still trying to solve problems that existed in the pre-web era when hacking was first invented. 

“We are not even solving problems that existed before the internet arrived. The internet was first proposed in 1989. Before the internet there was something called the ARCNET.

“The very first hacking attacked occurred on the ARCNET and it was by a gentleman called John Draper. He was an ex-Vietnam vet and he hated the US government.    

“Spam was invented as an advertising tool by a guy called Gary Thuerk and the inventor of email thought it was the best thing since sliced bread. It’s the curse of all our lives now.

“The first worm which caused the first DDoS [distributed denial-of-service] attack was developed by a chap called Robert Norris to attack Aids clinics in the US. 

“The very first know state sponsored cyber attack was by the Russians and they attacked Estonia. It’s been going on for a long time. These things are not new. 

“The problem of unpatched software was identified in the early 1970s. One of the major problems now is that people are not patching their software all these years later.

“We’ve not solved the problem with all the technology. These are all developing issues, nothing stands still.”

Gooch said the good news is that state-sponsored actors are not at all interested in UK travel companies. 

But he warned all known groups are developing their own strategies and are swapping operatives and know-how and this is being picked up by criminal gangs.

“This is being done on an industrial scale but the good news it they are not after individual  companies or businesses,” he said.

“The bad news is they develop stuff which gets out to the criminals and that’s when it can become a problem.”

As part of the current conflict in Ukraine state-sponsored Russian hacker are using discreet set of tools against the Ukrainians. 

The most dangerous is the malware frameworks or family of tools which are baskets of wipers, access tools and ransomware tools targeting infrastructure like the power grid.

A tool is used to unlock the system and a wiper wipes all the data. Some start with back-ups so by the time the victim realises it is already too late. 

Another wiper which will re-set the whole system to zero and then ransomware will send a political message to the victim saying they have been attacked. 

Gooch said: “The bad news for us is the Ukrainians use some of the same software that we do because it’s international software.

“That is an issue for all organisations because you can secure your castle but if you need to get information in and out it has to travel out into a hostile environment. 

“That means you are subjected to going through unprotected technology you have no control over. You can’t secure that, all you can do is make sure your own house is in order.

“They are attacking critical national infrastructure, like airports. Ninety per cent of the time we don’t need to know about it it’s only when it spills out. 

“You could unintentionally become affected because critical national infrastructure you rely on to trade is taken down. That’s just accidental, you’re just collateral damage.

“You could become unintentionally affected through the software you are using - old versions of software like Windows. 

“If you are not keeping your software patched and up to date you could become victim of one of these wars going on in cyber space.

“Or you could be directly targeted if you are in some way part of the national infrastructure or they think you are.”