Carnival Corp. Hacked; Guest and Worker Information Accessed
Carnival Corp. says it was the victim of a ransomware attack that likely got some personal information about the cruise companyâs guests and employees.
Preston, Chief Technical Evangelist at Druva, said, “In today’s increasingly hyper connected world, unfortunately no organization, regardless of industry, is safe from a ransomware attack. Given COVID-19’s impact on the travel industry, attackers are thinking strategically about which organization to target and why.
Cyber criminals are opportunistic – whether their target is on land or sea. Malicious insiders, nation-states, and terrorism are now unfortunately part of the collective cyber threat to ensuring passenger safety and continuity of operations on cruise ships. Across the board, organizations are facing similar cyberthreats and malicious attacks during the COVID pandemic, with some unique exceptions in the travel industry. While the cruise line industry has a complex threat environment to navigate, there are steps the industry, contractors, vendors and port-of-call operators can take to reduce the impact of a security incident.
Embracing the agility and flexibility of cloud data protection will assist enormously to organizations that are on cyberattackers’ radar. Making use of a cloud-based ransomware protection solution will support an organizations’ responses to attackers and will ensure data remains safeguarded away from the bad guys.
Any organization that collects information on its customers must be prepared to keep that data safe–and prioritize data protection in the first place. In the age of GDPR and CCPA, it’s unacceptable not to take precautionary steps to secure data. Deploying a robust cloud-based ransomware protection and recovery solution will be the best medicine for staying ahead of malicious threats in the future and keeping pace as organizations continue to expand operations.”
Pravin Madhani, CEO and Co-Founder, K2 Cyber Security, said, “Fueled by the success of previous ransomware attacks, it’s no surprise the number of ransomware attacks continues to increase. While many of these successful attacks come from phishing campaigns, it’s not necessarily the only means. It’s also possible for ransomware to be deployed utilizing exploited vulnerabilities. Organizations need to remain vigilant in their security, not only using phishing detection and training employees to recognize phishing, but also making sure they have defense in depth for all of their applications, data, and assets that are internet- facing. That includes making sure their devices and software are up to date and patched. Equally important, organizations need to make sure they vet the security of partners as thoroughly as they vet their own security infrastructure.”