Air travel in America is having a bit of a moment (and not the good kind), and now we can add another zinger to long delays, near mid-air misses, cancelled flights, and a serious dearth of air traffic controllers: cybercrime. This month, the FBI issued warnings to the aviation and transportation sectors that a sophisticated cybercrime group, Scattered Spider, is targeting the industry.

 

Canadian commercial, charter, and cargo airline WestJet announced in June that it had been hacked. While operations were not impacted, internal systems were “disrupted.” Likewise, security consulting firm, Mandiant, has identified several other incidents across the sector—mostly at large, English-speaking companies—that follow Spider’s patterns, namely harnessing social engineering techniques to impersonate users to access systems and data they should not. This can come in the form of hackers calling customer service with seemingly innocent stories of lost passwords or changes to confirmation phone numbers, calling consumers with “deals” that just need to be secured with a credit card, or posing as employees to IT specialist to exert aggressive attacks on data in company servers or in the cloud.

 

What does that mean for you as a consumer?

The good news is that companies you’re likely to shop with (from major airlines to third party vendors like Expedia and Hotwire) are already shoring up their defenses. According to Mandiant’s CTO Charles Carmakal, “Organizations can take proactive steps like training their help desk staff to enforce robust identify verification processes and deploying phishing-resistant multi-factor authentication (MFA) to defend against intrusions.”

 

Practically speaking, this may mean longer wait times on customer service calls, more requests for additional proof of identity, or requests to reset passwords. Take a deep breath, and know that all these tactics are in your interest. Also, when the attack methods are known (as they are here), it’s always a good idea to do a quick data hygiene check as follows:

 

1. Change all passwords for sites associated with the travel industry.

When asked for MFA phone or email information, provide that.

 

2. Remove banking details.

If you have a bank card/account associated with those accounts, sever that connection until you need to make a purchase.

 

3. Check your credit.

As always, if there is a hack, there is also the danger that your personal data is being used with malintent. Run a credit report, and set up alerts should another issue arise.

 

Spider has made its way through global companies, one industry at a time—first retail, now aviation—so maybe with companies, vendors, and consumers on their toes, the hackers will just move on. Good news for travelers, less good news for whoever is next. The best advice when doing business on-line? Be smart, stay alert, and don’t fall for social engineering efforts.