New Intelligence Trends Report Analyzes Cyber Threats in the Retail, Hospitality, and Travel Sectors

Credential harvesting is the most prevalent reported threat, but recent developments, such as Adversary-in-the-Middle attacks, are increasing.
Retail and Hospitality Intelligence Trends Summary Report Cover image

Vienna, VA (September 29, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released the first-ever public version of the Retail & Hospitality Intelligence Trends Summary, which analyzes trends in the cyberthreat landscape for the retail, hospitality, and travel sectors. The report sheds light on the top threats and malware families reported by the RH-ISAC community from May to August 2022.

Analysis of the intelligence sharing for this period showed that the top reported threats by volume continued to reflect the steady reliance by cybercriminals on tried-and-tested threat vectors like credential harvesting and phishing. Log4j has now taken a back seat to new emerging trends, such as the resurgence of Emotet.

In addition to the intelligence sharing analysis, the report highlights the most discussed topics in the CISO and analyst communities. The report also includes observation and analysis of extortion instances involving the retail and travel industry during the May – August 2022 timeframe as reported by Nisos, a cybersecurity vendor and RH-ISAC Associate Member. The extortion actors range from insider threats to ransomware groups, and information about the actor, TTPs, financial impact, and the result of these instances are outlined in the report.

Download a copy of the report here. This report is a TLP: White redacted version of the original report, which includes privileged information available to RH-ISAC members.


More Recent Press Releases