New Research Report: How Threat Actors are Attacking Hotels, Resorts, and Casinos

Cybercrime is on the rise as organizations around the world become increasingly connected and digitized. While communication and business transactions are more streamlined than ever, threat actors have endless vectors to launch their attacks.

Organizations in the Gaming, Leisure and Hospitality industry face increasingly frequent cyberattacks, and have to navigate a unique set of challenges compared to businesses in other industries. The Hospitality industry, which for this report includes hotels, resorts, casinos and other leisure/travel businesses, has been the victim of numerous high-profile data breaches in recent years. This includes the highly-publicized Marriott breach that exposed over 383 million customer records.

IntSights has published a report on the state of cybercrime in this sector – Gaming, Leisure & Hospitality Industry Cyber Threat Report (March 2019) – to help organizations in the industry understand the threats they face.

Why are cybercriminals targeting the hospitality industry?

Hotel and resort chains have wide geographic footprints and highly connected systems, giving threat actors numerous entry points to exploit. They also have substantial brand and digital marketing properties, opening the door for threat actors to target their customers with phishing scams and fraud schemes. Since hotels and resorts maintain databases of personal information – addresses, credit card numbers, account login info, etc. – hackers can score lucrative returns if they successfully penetrate the network.

Many hotels do not have sufficient security solutions in place. Their complex networks make it difficult to secure all vulnerabilities, and the recent rise in attacks targeting these organizations means their data is at serious risk. Between hackers launching cyberattacks for financial gain, scammers impersonating prominent brands to steal login credentials, and even nation-state or APT groups targeting hotel systems for espionage purposes, the list of potential threats facing these organizations is long and growing.

What’s in the report?

In this report, we provide an overview of the key challenges, attack vectors, threat actors and trends facing organizations in the Gaming, Leisure & Hospitality industry. We offer detailed commentary on:

  1. Why the hospitality industry is under cyber-siege
  2. Where hotels and resorts are being exploited
  3. What kinds of attacks they are facing
  4. Who the hacking and nation-state groups committing the attacks are
  5. When some of the more notable attacks have taken place in recent years
  6. How organizations can start thinking proactively about protecting their systems from imminent cyberattacks.

The report also provides exclusive looks at real dark web activity our analysts have captured, demonstrating how cybercriminals sell personal guest data, expose login credentials, and coordinate new attack strategies. Many attacks originate from these kinds of information exchanges on the dark web, highlighting the need for intelligence organizations to protect themselves better.

Cyberattacks have become more sophisticated and frequent in the hospitality sector, so it’s critical to keep up with the latest trends, attack vectors and protection best practices to defend your organization and reduce your risk of being exposed.

Keep your organization protected from cyberattacks in the hospitality industry. Download your copy of the Gaming, Leisure and Hospitality Industry Cyber Threat Report (March 2019).

Download Now

Stay up to Date!

Subscribe to the blog to stay up to date with all the latest industry news and updates from IntSights.