COULD MY CLUB REALLY BE A PROFESSIONAL HACKER’S TARGET?

Australia is recognised around the world as the “lucky country” because we are wealthy by international standards, so our businesses have become a growing target for hackers.  Experts at an international threat analysis company have ranked Australia as one of the most targeted countries at risk from devastating ransomware attacks.  Hotels, restaurants, and leisure services ranked among the Top 10 targeted industries.

Over the past few months local hospitality industry experts have identified several cases of hackers installing new malicious software called ‘PerfectData Software’ during hijackings of Microsoft 365 accounts. Industry IT Services specialist Jason Drew, CEO of Secom Technology Group, has already identified it in hacking attacks in several NSW clubs. 

 

How could my venue be at risk?

Did you know that one small casino in the USA was hacked through the thermometer in a fish tank?

“The attackers used that (a fish-tank thermometer) to get a foothold in the network”, a security expert explained.

“They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud.”

This highlights the advice provided by Jason Drew, CEO of Secom Technology Group, in an interview at the 2023 Australasian Gaming Expo. Jason confirmed that there are many areas in clubs and pubs that provide opportunities for hackers.

“Hospitality venues hold large data sets of members personal information, with members and guests logging on to local open access Wi-Fi, common use Microsoft accounts and staff often sharing passwords. Every club uses Microsoft software, vulnerable to the new ‘PerfectData Software’ hack, with often limited control over accounts. In all clubs, protecting that data and accounts is critical”.

“We also have older systems that have moved to cloud-based solutions but are using hybrid hardware and firmware updates to support technology that was not designed to connect to the internet, such as our VoIP telephone systems.  They lack the IT security required in today’s world and the hackers know it”.

I guess we can include fish tanks in that list too!

Using a Managed IT service in your club or hotel gives the best security against hackers as these companies constantly monitor and update software patches to ensure there are no loopholes to exploit.

In addition, Managed IT Services, such as hospitality specialists Secom Technology Group, can complete Vulnerability Assessments and Penetration Testing to give you an overview of where you have areas in your systems and software that makes you vulnerable.

 

Why Is It Important for Businesses to Do Vulnerability Assessment and Penetration Testing?

One of the best ways to ensure that your IT systems and applications are secure and resilient against cyber threats is by conducting regular vulnerability assessment and penetration testing on IT systems and applications. It is a security testing method that combines these two complementary approaches.

Vulnerability scanning is the process of identifying and analysing the vulnerabilities that exist in IT systems and applications. Vulnerability assessment tools scan the IT systems and applications for known vulnerabilities and provide a report on the severity, location, and description of each vulnerability.

Penetration testing, also known as a “pentest” or “ethical hacking,” is a manual technical test that goes beyond vulnerability scanning. The test identifies vulnerabilities (loopholes) on a system, network, or an application, and subsequently attempts to exploit those vulnerabilities. Penetration testers use various techniques and tools to exploit the vulnerabilities and gain unauthorised access or perform malicious actions on the system or application.

Vulnerability assessment and penetration testing provides businesses with a more comprehensive and realistic evaluation of their IT security than any single test alone.

 

Find out if your club is at risk today!

Secom Technology Group can complete a cybersecurity & vulnerability scan and penetration test (including an Executive Summary Report) to ensure your venue is secure.

Call Jason Drew at Secom Technology – Phone:  1300 781 224