Leisure and Travel Sector – are you vulnerable to a DDoS attack?

DDoS attacks are a favoured method for cyber criminals which hurt the travel and leisure industry while reaping a large financial reward.

Hotels and airlines rely on a wide array of networks to provide reservation, payment, entertainment, and security systems. If a cyber-criminal can disrupt a company network by way of a DDoS attack, they can shut the entire operation down until they receive payment to put the system back up again. For large hotels and airlines, the loss of revenue that could result from operations being down for even a couple of hours makes paying a large price potentially worth it. For small and medium sized companies failure to pay the ransom could mark the end of the business altogether.


As covered in Cyber Insurance for small businesses – understanding the pitfalls in an ever changing world (ecrcentre.co.uk) – the insurance to cover the cost of these types of attacks is becoming more and more expensive and limited in scope. It pays to have other options if you are unlucky enough to face this type of incident.


So, what is a DDoS attack?

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, website, or network by overwhelming it with a flood of Internet traffic.

DDoS attacks frequently come from multiple sources to make their identification more difficult. It can also hinder the victim organization’s attempts to stop the DDoS.


In lay terms it’s like an unexpected traffic jam clogging up the highway, preventing regular traffic from arriving at its destination.


DDoS normally present themselves, as you would expect, by a slowing or crashing of a company’s network or website. Which costs you time, reputation and money and potentially drives your customers to competitors websites


Can you protect yourself from these attacks?

DDoS attacks are notoriously difficult to prevent.


The attackers don’t need internal access to the network as the attack is from the outside. They are increasing in complexity and sophistication meaning that defence against these dark arts needs continual review. But the key points for protection to remember are

  1. Know your network's traffic. A free tool that we can recommend here is Police CyberAlarm | The Eastern Cyber Resilience Centre (ecrcentre.co.uk)

  2. Create a Denial of Service Response Plan within your incident response plan Tools | Eastern CRC (ecrcentre.co.uk) – one of the areas covered within the Cyber Essential (CE) Program

  3. Make your network resilient and practice good cyber hygiene – using CE principles

  4. Scale up your bandwidth. The greater the bandwidth the more effort a DDoS attacker will have to make to crash your site. Moving your operation to the cloud may help.

  5. Take advantage of anti-DDoS hardware and software. Speak to your Managed Service Provider (MSP) if you have one.

  6. Make sure all staff know the symptoms of an attack and respond quickly to it using your plan.

What next?

The impact of a successful attack against your website or network can be catastrophic and lead to website downtime, loss of business and loss of reputation. In the worst cases it can lead to the closure of the business altogether. But all is not lost.


So, what can I do?

Here at the centre, we would advise you to do three things now

  1. Join our free core membership by clicking through to https://www.ecrcentre.co.uk/core-membership-sign-up. You will be supported through implementing the changes you need to make to protect your business and your customers.

  2. We would also recommend that you speak to your Managed Service Provider (IT support) and / or website company to discuss how they can implement cyber resilience measures on your behalf.

  3. Follow Cyber Essentials standards. For small and medium sized businesses in the Eastern region we would recommend that you look at improving you overall cyber resilience through the free Little Steps pathway we provide which helps you understand the standards within Cyber Essentials. If you want to pay for the assessment, we can refer you one of our Trusted Partners – all regionally based cyber security companies that can help you become accredited. By implementing the controls within Cyber Essentials, between 60 and 99% of attacks will be either fully or partially mitigated.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.