• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

FedEx CEO says we are in the middle of the biggest supply chain shift he’s seen in 35 years: ‘We are the referendum’

2

26 Meta employees accuse Mark Zuckerberg of using AI to target 8,000 layoffs against workers on medical, parental or family leave

3

Trump's 'American Flag Blue' in the Lincoln Memorial pool is already gray — and the Olympic canoer 'vandal' is fighting his arrest

1

FedEx CEO says we are in the middle of the biggest supply chain shift he’s seen in 35 years: ‘We are the referendum’

2

26 Meta employees accuse Mark Zuckerberg of using AI to target 8,000 layoffs against workers on medical, parental or family leave

3

Trump's 'American Flag Blue' in the Lincoln Memorial pool is already gray — and the Olympic canoer 'vandal' is fighting his arrest
CommentaryCybersecurity

How Travelers Can Stay Safe From Cyberattacks Over the Holidays

By
Shlomo Touboul
Shlomo Touboul
Down Arrow Button Icon
By
Shlomo Touboul
Shlomo Touboul
Down Arrow Button Icon
December 20, 2016, 10:00 AM ET
General Economy Ahead Of GDP Figures
People stand in front of Wynn Resorts Ltd.'s Wynn Palace casino resort at night in Macau, China, on Sunday, Aug. 28, 2016. Macau is scheduled to release gross domestic product (GDP) figures on Aug. 30. Photographer: Anthony Kwan/Bloomberg via Getty ImagesAnthony Kwan—Bloomberg via Getty Images
Add Fortune on Google for similar content.

This past summer, as thousands of tourists relaxed, dined, and sipped cocktails at a variety of well-known hotels, hackers were stealing their credit card data. Kimpton and HEI announced that attackers infiltrated their point of sale (POS) systems and that malware had compromised card numbers, expiration dates, internal verification codes, and in some cases, cardholder names.

With winter and the holiday travel season around the corner, the question arises: Why are hotel chains so attractive to cyberattacks, and what—if anything—can business and leisure travelers do to protect their credit cards, personal information, and travel reward accounts from criminals?

Inviting targets

Hotel chains are often behind the cybersecurity curve, making them more vulnerable to attacks. The vast majority of IT security budgets—approximately 85%—focus on perimeter protection, not post-breach detection. This means that hotel chains are mostly focusing on keeping hackers out, but once they’ve penetrated the system, there is little to stop them from having a field day completely undetected.

Hotel chains make for especially attractive targets because they hold huge databases of credit card data. Hackers have a virtual smorgasbord of options, including public Wi-Fi signals, magnetic strip door entry cards, and multiple point of sale terminals at spas, gift shops, coffee bars, and restaurants, as well as sharing programs with third parties including airlines and car rental companies. One of the reasons hotels are such low-hanging fruit is because access to their networks and the central payment server they rely on is often frighteningly easy.

All those networks are connected not only across a single property or even a specific hotel chain, but across the entire company. Tens of thousands of credit card records are added every day, along with the millions already stored in databases. Those breaches can net hackers sensitive data across an entire company spanning multiple brands.

Front desk staff, who have access to the corporate network, are trained to be friendly, well-groomed, and professional—not security-aware—making them comparatively easy targets. Infiltrating a network might be as easy as sending staff members emails that appear to be from a familiar person or business, but actually prompt them to click on a malicious link or provide sensitive information that is then used in a cyberattack—an attack method also known as “phishing.”

Once hackers have a single machine under their control, they quickly move laterally throughout the network to find and hijack payment card data. It can be as simple as finding and copying the server data that holds existing transaction data or installing malware that updates to every POS terminal, giving hackers control over tens of thousands of them and capturing every new payment or swipe.

But the problem isn’t limited to the connected networks across the corporate or backend systems. Hotels are replete with fairly unsecured public or guest access. Guests who connect to hotel Wi-Fi are taking a big risk, since hotel Wi-Fi systems are generally not well protected. Furthermore, when guests connect to hotel systems, they bring all their system vulnerabilities with them. Sending a phishing or social engineering attack to guests and taking control of their systems is child’s play for most attack tools.

 

Protecting hotels

With so many potential entry points for attackers, it’s imperative that hotel chains move to close cybersecurity gaps as quickly as possible and begin taking post-breach detection seriously. Hotels need to operate under the assumption that their networks have been breached and take proactive measures, such as making sure their cybersecurity systems alert them to attacks with information they can act on and provide real-time digital forensics so they can properly investigate the breaches.

As for travelers, avoid the guest Wi-Fi and always use your cellular network instead—particularly when accessing sensitive accounts such as those on bank and credit card sites. If you can, get a VPN—it’s worth the additional fee. And don’t assume the hotel business center computers are safe. Avoid making sensitive digital transactions while using the hotel computers and do not plug in your USB stick into that very public computer, as there are good chances it has spyware on it.

Set up two-step verification for your online accounts. Opt to use the new “smart” credit cards with chips and pins. Choose credit cards over debit cards because the process of disputing fraudulent transactions on a credit card is easier. Or as security guru Brian Krebs put it, “having your checking account emptied of cash while your bank sorts out the situation can be a hassle and lead to secondary problems (bounced checks, for instance).” Finally, be vigilant about reviewing your credit card statements and be on the lookout for fraudulent transactions.­­­­­­

Your holiday vacation should be a time to relax, not to worry about having your valuable information stolen.

Shlomo Touboul is the CEO of Illusive Networks.

About the Author
By Shlomo Touboul
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Commentary

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Commentary

Europe optimized its supply chains for cost. Now it must pay for resilience  
Commentarysupply chains
Europe optimized its supply chains for cost. Now it must pay for resilience  
By Richard SaynorJuly 16, 2026
14 hours ago
tony
Commentarydisruption
Genesys CEO: We can see firsthand how AI is changing — not replacing — work
By Tony BatesJuly 16, 2026
16 hours ago
d
CommentaryParenting
New School economist: Trump Accounts will widen America’s wealth gaps
By Darrick HamiltonJuly 16, 2026
18 hours ago
cape
CommentaryWorld Cup
The legend of Cape Verde: How an island of half a million built the best team at the World Cup
By André MartinJuly 16, 2026
19 hours ago
sb
Commentarynational debt
The national debt is over 100% of GDP and most of Congress is ignoring wishes to rein it in. It’s time to amend the Constitution
By Steve H. Hanke and David M. WalkerJuly 15, 2026
2 days ago
Is your AI really working? Why productivity isn’t the same as progress
Future of WorkBrainstorm Tech
Is your AI really working? Why productivity isn’t the same as progress
By Jamie GarverickJuly 15, 2026
2 days ago

Most Popular

FedEx CEO says we are in the middle of the biggest supply chain shift he’s seen in 35 years: ‘We are the referendum’
C-Suite
FedEx CEO says we are in the middle of the biggest supply chain shift he’s seen in 35 years: ‘We are the referendum’
By Fortune EditorsJuly 15, 2026
2 days ago
26 Meta employees accuse Mark Zuckerberg of using AI to target 8,000 layoffs against workers on medical, parental or family leave
Law
26 Meta employees accuse Mark Zuckerberg of using AI to target 8,000 layoffs against workers on medical, parental or family leave
By Barbara Ortutay, Alexandra Olson and The Associated PressJuly 15, 2026
2 days ago
Trump's 'American Flag Blue' in the Lincoln Memorial pool is already gray — and the Olympic canoer 'vandal' is fighting his arrest
Politics
Trump's 'American Flag Blue' in the Lincoln Memorial pool is already gray — and the Olympic canoer 'vandal' is fighting his arrest
By Matthew Daly and The Associated PressJuly 16, 2026
16 hours ago
Buffett says AI giants are ‘playing a game they don’t want to play’ in the AI race, reveals he was behind Berkshire’s $31 billion bet on Google
Big Tech
Buffett says AI giants are ‘playing a game they don’t want to play’ in the AI race, reveals he was behind Berkshire’s $31 billion bet on Google
By Mia OsmonbekovJuly 16, 2026
10 hours ago
He sold his last company to Palantir. Now he's betting $32 million that robots can fix construction's labor crisis
Innovation
He sold his last company to Palantir. Now he's betting $32 million that robots can fix construction's labor crisis
By Lily Mae LazarusJuly 15, 2026
2 days ago
JPMorgan CEO Jamie Dimon says 300,000 workers are needed to rebuild American shipbuilding—with jobs paying $100,000 without a college degree
Success
JPMorgan CEO Jamie Dimon says 300,000 workers are needed to rebuild American shipbuilding—with jobs paying $100,000 without a college degree
By Preston ForeJuly 16, 2026
14 hours ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.