Warning use of AI in hospitality could lead to ‘more sophisticated' cyberattacks

08 September 2023 by
Warning use of AI in hospitality could lead to ‘more sophisticated' cyberattacks

Restaurants and hotels should "carefully consider" the risks of using generative artificial intelligence (AI) technology in their businesses before committing to it, a report has warned.

The study by global cybersecurity business Trustwave warned of the dangers of the industry's growing reliance on customer analytics platforms that are powered by generative AI.

It stated the presence of Large Language Models (LLMs), such as ChatGPT, could also lead to "more sophisticated" cybersecurity attacks as these systems are able to create "highly personalised and targeted messages".

Nearly a third (31%) of hospitality organisations have reported a data breach in their company's history, with 89% of them stating they have experienced multiple incidents in a year, according to a report by Cornell University and FreedomPay.

Trustwave's study raised concerns around the increased speed and quality at which attackers can forge phishing emails, which it warned are "the most commonly exploited" method for "gaining a foothold in an organisation".

It advised hospitality businesses to find security tools or partners that can detect AI generated threats and train staff around data sharing to minimise the risk of large-scale breaches.

It comes after Andrew Rubinacci, executive vice president of commercial and revenue strategy at Aimbridge Hospitality, warned hospitality will be "left behind" if the industry does not start embracing AI and invest in technology.

Trustwave said "the nature and scale of the hospitality industry" has created an environment that is "inherently conducive and appealing" to hackers.

The quality and quantity of data available; the prevalence of third-party software; and the reliance on a large and seasonal workforce with high turnover all contribute to the industry's vulnerability to attacks.

It added that the industry's frequent use of high-network user systems, such as public Wi-Fi, as well as accessible hardware by hotel or restaurant guests, could also heighten the risks of cyberattacks.

Hoteliers were urged to take extra care when verifying bookings from Booking.com following a rise in fake reservations being made through the website in June this year, while in September 2022, IHG, which owns 18 hotel brands, including Holiday Inn, Hotel Indigo and Crowne Plaza, reported "unauthorised activity" in its technology systems which resulted in severe disruptions to its booking channels.

The report said the hospitality industry should implement prevention measures, such as simulating phishing assessments, routinely changing passwords and regularly evaluating access controls.

Trustwave's study was titled2023 Hospitality Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies.

Image: zhu difeng / shutterstock

The Caterer Breakfast Briefing Email

Start the working day with The Caterer’s free breakfast briefing email

Sign Up and manage your preferences below

Check mark icon
Thank you

You have successfully signed up for the Caterer Breakfast Briefing Email and will hear from us soon!

Jacobs Media Group is honoured to be the recipient of the 2020 Queen's Award for Enterprise.

The highest official awards for UK businesses since being established by royal warrant in 1965. Read more.


Ad Blocker detected

We have noticed you are using an adblocker and – although we support freedom of choice – we would like to ask you to enable ads on our site. They are an important revenue source which supports free access of our website's content, especially during the COVID-19 crisis.

trade tracker pixel tracking