Cybercriminals Checking Into Hotel POS Systems


Before the age of the credit card, securing hotels was as simple as keeping all the keys behind the front desk in order. However, it’s becoming increasingly apparent that hackers are no longer taking heed of hotel’s digital Do Not Disturb signs when it comes to cybercrime.

Financial Times recently reported that several experts have pointed to the hospitality industry as the next hotbed of nefarious Internet activity. Since many hotels and resorts rely on software services from a few key providers, the potential for illicit access is high, and Tom Kellerman, chief cybersecurity officer at SaaS firm Trend Micro, told FT that a virus his company is tracking is already wreaking havoc on the hospitality industry as experts debate.

“This type of virus can compromise 95 percent of the POS systems on the planet,” Kellerman said. “Customers should be very concerned because, in general, the industry has insufficiently invested in cybersecurity.”

The news shouldn’t come as a complete surprise to industry observers who’ve been paying attention. FT noted that high-profile hotel and resort chains, like Hilton Hotels, Starwood Hotels & Resorts, Mandarin Oriental and the Trump Collection all reported some kind of cybercrime activity during 2015, and with no measureable progress made toward heightening security over networks as common as Wi-Fi, Stuart Poole-Robb, CEO of KCS Group, said that it could be an uphill climb for many hotels.

“Their IT security is only just catching up,” Poole-Robb said. “Hoteliers don’t take much notice of hackers sitting in their lounges hacking guests’ Wi-Fi.”

If hotels are going to ask for customers to let go of their worries and spend their dollars on relaxation, ensuring they’re not aiding cybercriminals might be a good step in that direction.



The pressure on banks to modernize their payments capabilities to support initiatives such as ISO 20022 and instant/real time payments has been exacerbated by the emergence of COVID-19 and the compelling need to quickly scale operations due to the rapid growth of contactless payments, and subsequent increase in digitization. Given this new normal, the need for agility and optimization across the payments processing value chain is imperative.