ACID Technologies provides the hotel industry with 24/7/365 dark web monitoring services, while also monitoring multiple additional sources and platforms. When detecting a threat, ACID sends real-time, actionable alerts with all available information, to enable the targeted hotel chain or specific hotel to effectively respond to the threat and mitigate its harmful impact, whether service disruption (reservations system, room door lock system, etc.), ransom demand, data theft or other.

What makes hotels vulnerable to cyber attacks?

At the HITEC 2024 event attended by hospitality industry leaders, the following vulnerabilities were discussed, as reported by HOTEL.report: 

• Hotel employees, who are trained to be very hospitable toward guests on the one hand, while on the other hand, to be accommodating to requests made by people who have gained their trust, are not sufficiently knowledgeable in cybersecurity and aware of the risks. Consequently, they can easily fall prey to cybercriminals who exploit their lack of awareness and knowledge to carry out ransomware and phishing attacks.
  
  
• Failure to understand the need for cybersecurity among executives who try to avoid spending more money to protect their IT systems. Some of the reasons given, particularly by owners of small hotels but not only, is that they don’t consider themselves to be at risk, that cybersecurity does not generate revenue, and that they believe that in-house IT teams can adequately meet their cybersecurity needs.

Regretfully, in the case of ransomware attacks, for example, the cost, even in monetary terms alone, can be exponentially higher than the cybersecurity solution that can help protect them from such attacks. ACID’s cost-effective solution was developed to do precisely that.

What are some of the recent cyber attacks targeting the hospitality industry?

• In March 2024, a ransomware attack perpetrated by the Daixin Team group targeted the Omni Hotel & Resorts chain. The chain operates a large number of hotels in North America and employs a staff of more than 14,000. On April 2^nd, Omni confirmed that a cyber attack was the reason behind the outage of its IT systems throughout the country. The attack impacted its reservations system, room door lock system, WiFi and phones, as well as its point-of-sale system. In a later update, Omni confirmed that guest data had been stolen, including names, postal addresses, email addresses and guest loyalty program details, but excluding financial information. The hotel chain’s systems were restored on April 8^th. Daixin Team added the Omni chain to its dark web leak site about two weeks after the attack was launched and threatened to leak customer information dating back to 2017.
  
  
• One of the most severe cyber attacks in the hotel industry took place in September 2023. It targeted MGM Resorts, one of the world’s largest hotel & casino operators, and disrupted the operation of some of its most well-known properties in Las Vegas, including the Cosmopolitan, Bellagio and Mandalay Bay. It also impacted MGM hotels in other locations. Among the systems affected by the attack were digital key cards, online reservations and electronic payment systems. Consequently, staff were forced to execute some transactions on paper, and waive cancellation and change fees for some bookings. The Scattered Spider group, which is believed to operate under or with the ALPHV / Black Cat ransomware gang, took responsibility for the attack. Its results: More than $100 million in costs, the theft of personal guest information (name, contact information, gender, date of birth, driver’s license number and in some cases, passport details), and a drop in occupancy.

ACID‘s cost-effective solution can significantly improve the cybersecurity profile of hotel chains and hotels.

ACID deploys clusters of robots, implements sophisticated algorithms, injects avatars and uses crawlers imitating regular user activity to perform continuous dark web monitoring in order to detect signs of impending attacks even while still in their planning stage, attacks that are in progress, and leaked data indicating that the hotel’s or hotel chain’s systems have been breached and compromised. Client-specific keywords are used, and relevant language/s chosen for optimal monitoring results – particularly important for hotel chains operating properties across countries and continents. Once a threat is detected on the dark web or on any other of the multiple sources monitored, ACID sends real-time alerts to the victim, to enable it to implement countermeasures to diminish the impact of the attack, or perhaps foil it altogether.