As Labor Day approaches, new data warns that cybercriminals are exploiting increased traffic to cover their attacks. The data comes from Cequence’s research team, which found 100% of the top 10 travel sites were exposed to public-facing vulnerabilities. Of these companies, four had 91% of the serious vulnerabilities. Furthermore, eight of the top 10 organizations had unmonitored or unmanaged public-facing, non-production/internal application servers. One organization had more than 300. These servers could open the door for malicious actors. 

The research observed a pattern: industry peak seasons often coincide with increased cyberattacks. According to the research, the peak of the hospitality industry’s season may see an increase in DNS queries and DDoS attacks. The winter travel season, which begins in October, could generate enough traffic for cybercriminals to conceal their attacks. 

“Travelers are at risk during peak vacation times, with cybercriminals seizing the opportunity to strike,” said William Glazier, Director of Threat Research at Cequence. “Our research highlights severe threats, including financial loss, identity theft, and disrupted travel for consumers, and reputational damage and legal issues for businesses. Frequent attacks can undermine consumer trust in digital platforms. To mitigate these risks, organizations need to prioritize API security, while travelers should stay vigilant and practice robust cybersecurity.”