The Darkhotel cyber threat highlights the need for corporations to take regular TSCM sweeps seriously.
Darkhotel, so named by Kaspersky Labs, is a malware attack that has been operating at least since 2009, focusing on executives visiting hotels especially in Asia.
A key element in these reports, according to Kaspersky’s research, is that the Darkhotel group often knew a target’s room number, full name, and length of stay before they arrived. This indicates that the perpetrators would have done extensive intelligence gathering and surveillance of the intended targets prior to the travel. In this light, TSCM sweeps become much more significant in the fight against cyber attacks and protection of information assets.
Kaspersky explains how the Darkhotel malware works:
Be sure to have regular counter-surveillance sweeps performed for your executive offices, especially when any travel plans are scheduled. Along with cyber threats, enemies planning physical attacks on your personnel will also have made use of surveillance prior to an attack. The personal plans and itinerary of executives are types of information that you can’t afford to lose control of. Recent news articles on the Darkhotel threat can be found at CNBC [here], CNET [here], and Wired [here].