Cyber attacks are coming for everyone, everywhere. According to Forbes, 94% of organizations have reported email security incidents, and that’s not even counting the many other ways hackers can infiltrate a network. Cybersecurity should be of paramount concern to every industry, hospitality included. Why, and how, should hotels protect against cyber attacks?
We’re here to help with this comprehensive guide. Our expert team is adept at creating safe, secure networks for hotels; read on to learn what exactly constitutes a cyber attack, why hotels need to be concerned, and a few of the key methods to mitigate the risk for your property.
As part of Blueprint RF’s sponsored panel moderated by Elaine Shuck (Senior Manager of Vertical Marketing at Aruba) that was hosted at HITEC 2024, we’ve also included key insights from Kim Keever (SVP Cybersecurity Cox Communications) and Jon Green (Chief Security Officer for HPE Aruba Networking).
As defined by the National Institute of Standards and Technology, cyber attacks refer to “any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.” These attacks can occur anywhere, against anyone — from massive corporations to individual smartphones.
One of the most notorious forms of cyber attacks are phishing emails. These emails — often featuring odd capitalization and unnatural language — masquerade as legitimate sources probing for information or asking for you to click a link, only to steal personal information and access private networks. While typically easy to spot, AI has turned phishing emails into a much more potent threat.
“AI lets bad actors — armies of bad actors sitting in office buildings in nation states working on this, and criminal enterprises collaborating together — get much better at things like phishing emails,” states Keever. Another rising threat? Remote work impersonation. Keever explains that “people (are) using AI to hire people impersonating U.S. based people because they’ve stolen their identities, and haven’t ever validated them in person because our workforce has changed so much.”\
Yes — cyber attacks are a dangerous, expensive threat to hotels of all sizes. Traditional knowledge considers certain industries safe from hackers and cyber threats; recent developments, however, have proven that is anything but true.
“People thought that certain industries were immune,” explains Keever. “Recently, Christopher Wray (current FBI director) went to Congress, and said that based on intelligence, we know nation-states are interested in every industry in our economy because of future potential geo-politcal conflicts.”
This threat additionally expands beyond foreign threats to more domestic operations. In fact, Keever states that “mafia-type, criminal organizations study each industry and get to know them [in order] to be very effective.” Organized crime has permeated nearly every industry as a potent cyberthreat, with hospitality being no exception.
Whatever the type of attack, hackers can cause massive financial and privacy consequences for hotels. According to IBM, the average cost of a data breach within the hospitality industry was $3.36 million. These attacks can occur through any number of outlets — including hotel systems, POS terminals, and guest WiFi networks. In turn, hotels need to consider cybersecurity across holistic technological avenues.
With attacks coming from so many angles, hotels need to consider holistic strategies to protect from hackers. Here are just a few of the most essential methods to prevent cyber attacks.
Cyber attacks don’t always come from entities directly targeting your business; sometimes, one click of a bad link can open a massive can of worms for your hotel’s network security. Blocking untrustworthy websites is a key way to protect hotel guests and staff alike. Network operators can block access to specific URLs, while installing antivirus softwares on hardware to restrict access to sites deemed fake and dangerous.
“Zero trust” has become both a buzzword and a massive trend within cybersecurity; according to Enclaive, 39% of financial organizations reported “extensive use” of zero trust networks — leading to cost savings of $850,000. So what is zero trust?
“Zero trust does not mean we don’t trust you (as in the user or device), but it does mean we don’t trust the network,” explains Green. “Zero trust basically says don’t trust any network. No network segment is inherently trusted. Every network should require some form of authentication, encryption, access control, and so forth. You basically treat each of your systems as if you are connecting them to the public internet.”
Many hospitality businesses assume that their private networks — such as back-of-house WiFi access for staff — are less susceptible to cyber attacks when they may be even more so. Zero trust means that every network segment is treated as one at risk because, in reality, they all are.
Just as bad actors constantly up their game, so too do cybersecurity professionals; as Keener eloquently states, cybersecurity is a “race without a finish line.” Many of these advancements are inherently installed within network, software, and hardware updates, fixing loopholes that hackers found to target and exploit within code. While installing consistent updates may seem like a hassle, those updates can ultimately save thousands of dollars.
From entities in foreign nation-states to massive domestic organizations, hotel hackers are working around the clock. As such, 24/7 network monitoring is essential to making sure no anomalies occur. Some technology, such as AI, can streamline this process.
“There’s kind of machine learning for anomaly detection in networks, systems, things like that,” explains Green. “(It) doesn’t say if it’s good or bad, but certainly that it’s much different than it was yesterday.”
Even with AI, however, a human team is necessary to analyze results and act on potential breaches. That’s why Green recommends smaller hotels hire an outsourced team responsible for constant monitoring.
“If you’re a small organization with a smaller budget, outsource this, because you don’t stand a good chance,” elaborates Green. “They’re going to get you eventually, and it can be expensive when that does happen.”
Blueprint RF is your ideal partner for hotel network installation and security. Every one of our networks is hand-crafted for the latest advancements in cybersecurity technology, leveraging around the clock support and monitoring to make sure guests and staff alike stay safe on your network. Contact us today to build a safe cyber future for your hotel.