AI-Driven Cyberattacks: Why Hotels Must Reinforce Defenses by 2025
By 2025, worldwide end-user spending for information security will hit $212B, per a new Gartner forecast. What’s driving the need for greater (and more expensive) security? As attackers become more sophisticated and adopt more advanced tools and tactics like AI-enhanced social engineering campaigns, we can expect the threat and fallout of cyberattacks to reach new heights in the next year. Specifically, these are the top 5 cybersecurity predictions for 2025:
1. Deepfakes in social engineering
Today, 98% of all cyberattacks rely in some part on social engineering, a method in which bad actors manipulate victims into revealing critical information. In 2025, organizations will be at even greater risk of social engineering tactics, as cyberattackers begin to employ deepfake technology to level up the sophistication of their attacks and make them more convincing—and easier to fall for.
Deepfakes are artificial images, videos, or audio recordings developed by deep learning, a type of machine learning. In the context of social engineering, deepfakes enable bad actors to more convincingly mimic the faces and/or voices of real people via either real-time or pre-recorded content. Already an attractive target for social engineering attacks, hotels’ call centers should be particularly on the lookout as deepfake technology advances and makes it harder for staff to identify fraud—and easier for malicious actors to dupe, deceive, and swipe sensitive personal or financial information.
2. Next-level phishing attacks
Beyond the growing use of deepfakes, AI will further bolster attackers’ advances in the coming years. Phishing attacks, for example, will become more personalized, more sophisticated, and more dangerous.
Phishing attacks are a type of social engineering where an attacker sends an email or SMS to victims posing as a trustworthy source, usually a boss or client. Ultimately, the attacker uses their assumed identity to deceive staff into revealing critical information.
Today, most employees have been trained to identify canned, typo-riddled phishing emails. More often than not, these messages get flagged and sent to spam folders before employees even lay their eyes on them. But AI-driven phishing attacks will feature messages that more closely mimic the genuine writing voice and style of the assumed sender. When hotel staff receive emails urging them to update their payroll information, remit payments, or respond to customer complaints, they will be less able to discern whether they're abiding by their employer's wishes or falling into a bad actor's trap.
3. Sophisticated booking fraud tactics
Hotels present unique opportunities for cyberattackers. For one, booking systems are a treasure trove of guests’ personal and payment information, ripe for the taking. Meanwhile, many booking systems are integrated with third-party systems, such as payment processors and CRM tools, giving attackers more possible entry points. In 2025 and beyond, as attackers gain access to more advanced technology, the industry will face more attacks, and more sophisticated ones, on its booking systems.
For example, one popular tactic is the phishing site: a fake booking site created by bad actors to lure in unsuspecting guests and trick them into inputting their payment and personal details. Similarly, bad actors draw in victims by advertising sales, holiday deals, and other promotions that don’t really exist, again duping guests into forking over their money and their data.
As booking fraud tactics advance, attackers will increasingly take advantage of new AI capabilities. For instance, with AI, attackers can create mass booking cancellations to exploit refund policies and even re-sell canceled bookings at a profit. In this new era of bot-driven fraud, bad actors will be able to conduct fraud faster and at larger scales than ever before.
4. Diversified ransomware
In 2024, the average cost of a ransomware attack is $4.88M. Looking ahead, this number will soar even higher as ransomware threats continue to evolve.
Specifically, organizations should be wary of ransomware diversification, where ransomware families (i.e., groups of ransomware variants) split. The resulting variants then evolve, adopting new, diversified attack methods to adapt to changing cybersecurity defenses and better avoid detection. In this way, each variant can become more specialized to focus on different targets and/or environments.
One way ransomware will diversify is by largely abandoning the file-locking approach. Instead of encrypting victims’ files and demanding a ransom in exchange for recovery, attackers will go straight to data theft and may even threaten to leak sensitive data to the public if their demanded ransom isn’t paid. This tactic is much more efficient for attackers, and more dangerous for organizations. Again, the hospitality industry is a particularly lucrative target due to the wealth of guests’ personal and financial information it holds.
5. AI-powered cyberattacks
A recent Netacea report surveying security leaders revealed that 93% expect AI-powered cyberattacks to become a regular occurrence by 2025. These attacks will extend well beyond phishing and other social engineering tactics.
Organizations must also keep an eye out for AI’s influence in malware as bad actors increasingly use AI to automate malware creation. Worryingly, this self-improving malware will be able to autonomously adapt and evolve mid-attack, adjusting tactics to avoid detection and maximize damage.
Suppose a hotel’s IT infrastructure becomes infected with AI-powered malware. If management systems are successfully compromised, then bad actors can interfere with everything from reservations and check-ins to internal tasks like staff scheduling, payroll, and inventory tracking. In turn, these service outages lead to business downtime, which spells loss of revenue and potential reputational damage for hoteliers. On top of that, AI-powered malware puts guests at risk. If infected, hotels may face data breaches that target guests’ records, including their personal and payment data.
Conclusion
With more sophisticated, more dangerous attacks on the horizon, hospitality organizations need to ready their systems, defenses, and teams to withstand a new class of threats. Like bad actors, security teams must pivot and stay up to date with the latest tactics and technology so they can best identify and deflect modern, AI-powered cyberattacks, like social engineering, booking fraud, and ransomware.
Perhaps the best way to stay up to date is by joining industry initiatives, like RH-ISAC, a trusted, global community of retail and hospitality organizations that come together to share cyber intelligence and industry cyber best practices. As attackers evolve, so must hospitality organizations, and now and into the future, there is power in numbers.