Rising ransomware attacks posing major cybersecurity threat to travel and tourism industry

Rising ransomware attacks posing major cybersecurity threat to travel and tourism industry

The travel and tourism sector has become a prime focus for cyberattacks in recent times, resulting in ransomware incidents arising from data breaches.

Against this backdrop, cybersecurity concerns within the industry have escalated with a 4 per cent year-on-year (YoY) rise in 2022, reflecting the prevailing sentiment, says GlobalData, a data and analytics company.

An analysis of GlobalData’s Company Filings Analytics Database found that sentiment for airlines, travel services, and lodging rose by 6 per cent, 4 per cent, and 1 per cent, respectively, in 2022 over 2021.

Misa Singh, Business Fundamentals Analyst at GlobalData, comments: “Companies are consistently working on information and network security projects to set up a reliable technical protection and security management mechanism to ensure customer security and prevent data leakage.

A severe data security incident can lead to operational disturbances and cause significant financial damage to the business.”

LATAM Airlines Group SA plans to have self-boarding (biometric) to advance customer experience.

The company is also starting Pre-Flight check documentation where customers can send their documents digitally before boarding.

China Eastern Airlines Corp Ltd discussed establishing a sound information and security-related management mechanism.

Booking Holdings Inc talked about SQL injection where a third party tries to insert malicious code into companies’ software through data entry fields on websites to gain control of the system using the websites as a platform.


Tourism Holdings Ltd updated its digital strategy and made investments in new technology and cybersecurity solutions.

H World Group Ltd and Mahindra Holidays & Resorts India Limited have set up an information security committee responsible for developing policies and procedures, offering data protection-related advice, protecting the security of customer data, and avoiding data leakage.

Singh concludes: “Failing to adopt appropriate technology leaves companies vulnerable to cyber threats that can have a detrimental impact on their operations.

“Investing in robust cybersecurity solutions, educating employees about cybersecurity risks, and staying up to date on cybersecurity threats can help reduce the likelihood of an attack.”

Latest News