Travel Industry

The largest number of clients that seek our help are from the travel industry. Nowadays hackers rely on their social skills to steal information. For example, the hacker acts as a customer and asks a staff member at an airport to print a boarding pass from their USB. The employee inserts the USB into a computer and the hacker gains access. Now the attacker can retrieve sensitive data like saved passwords. These passwords can allow access to cloud services that store credit card information.

TThe way this is accomplished is by using macros. The boarding pass is usually saved as a PDF file and that PDF contains a hidden macro that will infect your system. It will run unnoticed in the background and log into the booking server. The macro subsequently downloads all stored credit card information, extracts the data, encodes it, compresses it into a ZIP file and uploads the compressed archive via a public file transfer website. In a matter of seconds your data is sent to wherever the hackers pleases, for example to a country with questionable law-enforcement. 

Real life testing with our device “Chernobyl”, which is armed with the latest technology, performed the above task in less than 30 seconds. Visa and MasterCards that are protected with 3-D Secure protection can generate up to 30 dollars. All of your data is sold and paid for in Bitcoins, which are untraceable. And as for American Express, the sky is the limit. The PCI DSS is quite consistent all by itself, however it is crucial to ensure that this never happens to your company.