You’ve just arrived at the hotel after a delayed flight and a half-hour wrangle with the car-hire firm. And then you remember that you’ve forgotten to pay last month’s credit card bill, and there’ll be an interest charge if you wait until you’re back at base. But – hey! – you can do it online and help is at hand. The receptionist is welcoming and helpful. They have wifi and it’s free. Relieved, you ask for the password. “Oh, you don’t need one,” he replies. “Just type in your room number and click the box.”
Phew! Problem solved. Er, not necessarily. At this point the human race divides into two groups. Call them sheep and goats. Sheep are sweet, trusting folks who like to think well of their fellow humans. Surely that helpful receptionist would not knowingly offer a dangerous service. Also, they find digital technology baffling and intimidating. And they cannot imagine why anything they do online might be of interest to anyone.
Goats, on the other hand, have nasty, suspicious minds. They believe that many of their fellow humans may be up to something. They believe that, in this networked world, only the paranoid survive. So when they see an open, free wifi network they smell a rat. And they would never, ever send confidential information via such a channel.
Sadly, in this particular context, the goats are wiser than the sheep. They know that hotel chains have become a coveted target of hackers. Many of the industry’s biggest operators have reported data breaches in recent years, including big names such as Hilton, InterContinental, Marriott and Hyatt. Most of these attacks, according to Bloomberg, are focused on the property management systems (PMS) used by hotel chains to take reservations, issue room keys and store credit card data.