Is the hotel industry getting left behind when it comes to cybersecurity?

  • Phishing: This remains the most prevalent and effective means of cyberattack. The more sophisticated phishing campaigns are often augmented by inside knowledge on the target.
  • Web applications: Web applications are a very easy target for hackers because they can be attacked remotely via the Internet. Hotel websites typically store lots of customer and payment data on their back-end systems.
  • Denial of Service (DoS) attacks: Multiple hotels have reported availability issues with their room management and booking systems due to DoS attacks. In at least one case this forced the hotel to revert to paper-based systems.
  • Point of Sales (PoS) devices: Hackers install malware on PoS devices that allows them to ‘skim’ customer payment information. This data can then be leveraged for financial gain.
  • Wi-Fi: Without the appropriate design and configuration, Wi-Fi provides hackers with an entry point through which to mount attacks on other guests and any connected network or physical system.
  • Ransomware: The primary purpose of a ransomware attack is to deny the target’s access to sensitive information in order to blackmail them for financial gain.
  • Digital door locks: A vulnerability was found in one of the most widely used digital lock systems. The attack became so popular it was used in the TV show Mr Robot, while also appeared in numerous YouTube videos .
  1. New and existing web and mobile applications — for example, guest registration, loyalty programmes and booking systems
  2. New and existing infrastructure — for example, payment systems, WiFi, automated access control security systems
  3. Physical devices — for example, automated access control security systems, smart TV’s and entertainment systems, HVAC and lighting systems
  4. Supply chain: A businesses supply chain can become a target for attackers if they identify a weakness in third party applications or infrastructure that allows them to circumvent your security systems. Hotels are often required to share large volumes of data with their supply chain, meaning it is equally critical that third party systems are assessed and scrutinised to the same extent as your own organisation’s.

Leading with strategy, design and architecture, we connect cloud, data, and cyber to engineer and deliver large-scale, complex transformations.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} VR Motor Racing Mania Hack Free Resources Generator

The Tower of Babel

Detecting High Risk Chrome Extensions with OSQuery

Africa’s emerging markets — a breeding ground for cyber attacks?

FreshCut Labs Allowlist for Polkastarter IDO is Now Live!

Encrypting your data with GPG in CLI

Hoo 3rd Anniversary Celebration, Enjoy a $1,000,000 Grand Prize Pool

Crypto Battle CBX

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Leading with strategy, design and architecture, we connect cloud, data, and cyber to engineer and deliver large-scale, complex transformations.

More from Medium

An Inspirational Mentor Story of Gina Yacone — Denver Metropolitan Area

CyberSecurity first steps — PicoCTF Forensics Challenge

Log4J vulnerability — What you need to know!

Cybersecurity is a serious matter… even if you think you don’t matter.