If you’re asked to list some of the prime targets for hackers and ransomware, you would probably list banks, retail chains and credit card companies. Hotels are a less obvious target, yet they are hacked nearly as frequently as traditional targets like banks. Major hotel chains have begun to take notice of the threat to their guests’ data security, and some of them have begun ramping up their cybersecurity efforts.
Why Hackers Target Hotels
Hotels are companies built around quality customer service. They have long prized an old-fashioned, human touch, as hotel guests who feel valued and well taken care of are more likely to become repeat customers. Yet, as hotel patrons have become increasingly accustomed to accessing a certain level of technology, the hotels have had to keep pace.
Today, you’ll find hotels with curtains operated via remote control, smart TVs, robot butlers and Internet-connected fish tanks. All of that technology may be exciting for hotel guests, but it’s downright irresistible for hackers, who exploit these many vulnerabilities to access guest information.
Hotel computer systems store a great deal of sensitive information, including credit card numbers. However, it’s important for cybersecurity professionals to be aware that financial gain isn’t always the only motive for hackers. Hotels often house high-profile guests, including domestic and international politicians. Some hackers, who may work for state-operated agencies, may fish for the itineraries and sensitive information of traveling politicians as a way to gain a geopolitical advantage. Similarly, sometimes hackers who target executives are looking for proprietary corporate secrets.
Where Vulnerabilities Lie
The hotel’s computer system, including the payment information of its guests, is an obvious target for hackers. However, the hackers might not always directly target the computer system itself. Rather, they often seek to exploit weaknesses in the Internet of Things (IoT). For example, hackers could potentially take the Internet cable from a hotel room’s smart TV, plug it into a laptop, and use the connection to access the hotel’s property management system (PMS). This may then allow them to access the hotel’s corporate system, which can yield credit card information. Other potential vulnerabilities and threats can include the following:
- Internet ports connected to remote control curtains
- Internet-connected smart thermostats in hotel fish tanks
- Thumb drive ports in cash registers at restaurant bars
Hotel hackers have also been known to use Wi-Fi “pineapples.” Hotels typically offer their guests access to their Wi-Fi network. A hacker can set up a Wi-Fi pineapple (a hardware device) to mimic the appearance of a legitimate network. Guests will log onto what they believe to be the hotel’s Wi-Fi, but they’re actually logging onto the pineapple’s network. This allows hackers to easily infiltrate the hotel guests’ laptops and other devices.
The many possibilities that exist for hackers in hotel chains highlight the importance of strong, proactive security initiatives.
Cybersecurity is a rapidly evolving career field that requires highly trained, ethical professionals. You can prepare to pursue your dream job in the cybersecurity field by earning your Master of Science in Cybersecurity at Grand Canyon University. Our online master’s degree programs are designed to fit into the lives of busy, working professionals.
The views and opinions expressed in this article are those of the author’s and do not necessarily reflect the official policy or position of Grand Canyon University.