Home Hotel guest Hotels Targeted by Cybercriminals – ChannelE2E: Technology News for MSPs and Partners ChannelE2E: Technology News for MSPs and Channel Partners

Hotels Targeted by Cybercriminals – ChannelE2E: Technology News for MSPs and Partners ChannelE2E: Technology News for MSPs and Channel Partners


The hospitality industry, with a turnover of several billion dollars, stores an enormous amount of highly sensitive and compromising data. This is why the hospitality industry is a very rich target for attackers.

It has become a prime target for organized gangs of cybercriminals with malware specifically designed to steal card information used on POS terminals.

These represent no less than 13% of all cyberattacks against organizations and the costs in some cases are very high. The type of threats that hotels face are varied, but the most common are:

  • Data breaches: Two years ago, the Marriott Group was fined £18.4 million by UK authorities for failing to comply with data protection regulations, leading to an exfiltration of data breaches. personal data of its customers, including names, passport numbers and telephone numbers.
  • Ransomware: As in other industries, this malware has shut down hotel systems, sometimes compromising business operations and guest welfare. During a cyberattack earlier this year, the Nordic Choice Hotels chain had to manually open room doors because swipe cards weren’t working due to ransomware in the room management system.
  • Phishing: A luxury hotel chain in Macau has received a very sophisticated spear phishing attack from the North Korean group APT DarkHotel. Members of the management of several stations received emails impersonating other members of the organization with malicious Excel files attached.
  • Vulnerable Wi-Fi networks: A few weeks ago, we reported on the unexpected discovery of a cybersecurity analyst in a hotel in Qatar while using the Wi-Fi network. He was able to access an FTP server containing information sensitive about the customers not only of the resort where he was staying, but of the entire group made up of 629 hotels in 40 countries.

It is clear that the attacks suffered by this sector are not anecdotal or temporary, but that there is a real economic interest behind them.

As these threats are increasingly frequent and sophisticated, it is essential that hotels seek partners to advise them on how to implement the best security measures in their organization:

  • Training in good cybersecurity practices for all hotel staff, as this will reduce the risk of phishing and other cyberattacks using social engineering.
  • Frequent and permanent backups of systems and sensitive data that are not linked to the main servers, in order to prevent the exfiltration of guest data and to restore systems as soon as possible in the event of a ransomware blockage.
  • Update all third-party systems and software, with the aim of minimizing the possibility of malicious cyber actors exploiting vulnerabilities.
  • Use of comprehensive cybersecurity platforms with tools that provide the following:

Protect your business. Protect your customers

WatchGuard is here to provide the multi-layered protection your customers need against the most advanced types of malware, and deliver it in an easy-to-maintain way.

CloudWatchGuard was designed to help you respond faster and better to your customers’ needs, with simplified operations, built-in roles and permissions, automated alerts, and more.

Centralizing all of these actions will allow you to improve overall business operations rather than managing service licenses, managing support tickets, or setting complex policies. This will differentiate your business from the competition, as you can spend more time offering your customers other higher value-added services that are more profitable for you.

Instantly, anywhere, anytime, it’s also easy to initiate customer trials and expand each customer’s protection to include products from WatchGuard’s full portfolio.

After: Stay up to date with the latest cybersecurity news from this industry and others on our WatchGuard Blog

Guest blog courtesy of WatchGuard Technology. Read more WatchGuard guest blogs here. Regularly contributed guest blogs are part of the ChannelE2E referral program.