The Cost of Cyber Attacks for Hotels

Are Hotels Prepared for The Cost of Cyberattacks?

cybersecurity for hotels

Technology has become an integral part of our existence and has been incorporated into every aspect of our daily lives.  We have become dependent on technology to access and deliver crucial information in our professional lives and technology has become essential in our personal lives as well. Whether we are running a business or we are shopping online or browsing through social media, technology is intertwined with just about everything that we do.

Cyberattacks Are Expensive

Technology has afforded us a lot of benefits, but the rise in hotel technology also comes with the risk of cyberattacks.  In a 2020 report published by Cybersecurity Ventures, it is estimated that global cybercrime will increase by 15% per year over the next 5 years.  It will cost the world an estimated $10.5 trillion annually by 2025, which is an increase from 3 trillion in 2015.  Cybercrime is predicted to cause more damage than a natural disaster would in a year.  The cost of cybercrime includes damage and destruction of data, stolen funds, loss of productivity, theft of personal and financial data, post-attack disruption, investigations, the cost of restoring data systems and damage to your hotel’s reputation.

Interested in Upgrading Your Hotel Technology

Why are Hotels a Target for Cyberattacks?

cybersecurity for hotels 1

Cybersecurity experts believe that 3 out of 4 hotels are vulnerable to cyberattacks.  Hotels also process a large number of transactions daily and that makes them extremely appealing to cybercriminals.  Even a small hotel will process a magnitude of transactions daily that require the use of personal information including passport numbers, email addresses and payment information.  The investment in hotel technology such as mobile key  and mobile check-in has increased since the pandemic began and guests can also use their mobile phones to make payments and to request services during their hotel stays.  The advancement in technology has brought about a rise in cybercrime, as cybercriminals are becoming more sophisticated and are developing new methods to infiltrate hotel networks.  Many hotels and businesses currently face a host of cyber threats, including phishing attacks, spoofing attacks, ransomware attacks and distributed denial of service (DDoS) attacks.  These types of attacks not only cause a major disruption of hotel operations, but they can also result in thousands of dollars in lawsuits, fines and the cost to recover data.  Cybercriminals can target hotels across the globe without even being in the same geographical location.

Cyber Threats Faced by Hotels

cybersecurity for hotels 2

Phishing Attacks

Phishing sites have increase by 27% since January of 2020, as of January of 2021, Google has registered 2,145,013 phishing sites.  In 2019, Verizon’s Data Breach Report Investigation, found that 94% of malware were delivered to computers through email.  Phishing attacks send emails to trick users into clicking on links or opening attachments.  These emails are designed to mimic legitimate emails sent out by coworkers or by management, they can potentially corrupt your software or hotel network.

Spoofing Attacks

The U.S. Federal Trade Commission received 1.4 million reports of identity theft in 2020, which is double the amount reported in 2019.  During spoofing attacks, cybercriminals set up Wi-Fi networks that resemble hotel networks.  Unsuspecting guests will be lured into logging on to the imposter network, which will allow cybercriminals to gain access to personal information, such as credit card numbers.

Ransomware Attacks

A research study conducted by cybersecurity company, Deep Instinct found that throughout 2020 malware increased by 358% overall and ransomware increased by 435% in comparison to 2019.   Ransomware attacks are the most common method used by cybercriminals, it involves using malware to infect computers or mobile devices and restricts access to files.  Most cybercriminals will threaten the permanent destruction of data or threaten to expose information unless a specified amount is paid.  A survey conducted by cybersecurity company Sophos found that the average cost to recover from a ransomware attack has increased by 50%, from $761,106 in 2020 to 1.85 million in 2021.  And only 8% of businesses fully recovered their data after paying a ransom.

Distributed Denial of Service (DDoS) Attacks

DDoS attacks inundate sites, applications and servers with large numbers of connection requests that exceed their capabilities.  This type of attack severely impacts the customers experience by causing response delays and service disruptions.

How Can Hotels Protect Against Cyberattacks?

cybersecurity for hotels 4


The hotel industry has been known to have high employee turnover rates of over 70%, as many employees tend to leave for employment at numerous other hotels.  Security protocols need to be put in place to properly ensure that staff are trained on how to handle customer information and also how to spot potential cyber threats that could result in a security breach.

Protection for Remote Workers

The pandemic has changed the way we work, by March of 2020 most companies were forced to have employees work from home due to the pandemic.  Remote work became the norm for many businesses, as the seriousness of the COVID-19 pandemic became apparent.  With remote hotel workers using their personal computers daily, hotels need to ensure that a virtual private network (VPN) is established in order to protect against possible cyber threats.

Investment in Cybersecurity

There are numerous cyber threats being faced by the hotel industry and it is essential that hotels invest in a hotel cyber security system that protects their businesses.  Hotels can begin by ensuring that they are in compliance with Payment Card Industry Data Security Standards (PCI-DSS) in order to protect their data and also to prevent penalties in the event of a data breach.  Most IT leaders recommend using enterprise-grade providers in order to secure their point-of-sale systems and their property management systems.  Hotels will need to find providers that ensure that they are in compliance with the standards required and that they are being monitored for internal and external cyber attacks.

Cyber Insurance Policies

A recent IBM and Ponemon Institute study found that the average cost of a data breach was $3.86 million in 2020.  The U.S. experiences the highest security data breach costs, with an average of $8.64 million per event.  There are numerous cyber risks that hotels need to prepare for and it is expensive to fully recover from a cyberattack, cyber insurance policies can ensure that hotels know how to properly respond to a cyberattack.  Hotels can secure coverage for legal expenses, fines, loss of income and credit monitoring.

Next Post
Hotel Panic Buttons: Which is Most Effective?
Previous Post
988 Dialing for Suicide Prevention