The Daily Telegraph - Saturday - Travel
How modern tech became travel’s biggest problem
In a world of key-card failures and air traffic control meltdowns, travellers are paying for our obsession with innovation, says Ben West
In recent years, plenty of us have traipsed up to a hotel room only to find the key card doesn’t work. Greater examples of human suffering exist, but it’s annoying all the same.
However, it’s nothing compared to the cyber attack that targeted MGM Resorts in Las Vegas this month. As the entire MGM casino network went down (rows of sad, blank-screened slot machines and players unable to collect their winnings), thousands of hotel guests at the resort’s 14 Strip-side hotels were also locked out of their rooms as their key cards went offline. Worse still – and with most of their belongings on the other side of a locked door – they couldn’t use ATMs (also down), or order room service, or even buy food at restaurants without paying by cash (and how much of that do we all carry around these days?).
“The travel industry has always presented a lucrative target for attackers,” says Charlie Barr, team leader at cybersecurity experts Pentest People. “When booking a holiday, the average person is expected to supply card details for payment, their billing address and passport details for identification. A treasure trove of valuable personal information for a cybercriminal to steal and sell, to conduct fraud and identity theft.”
Occasionally when staying in (usually family-owned) traditional hotels, I’m handed an olde worlde room key connected to a heavy weight, conjuring up a simpler time, when you’d talk through your holiday ideas with a travel agent rather than have to sift through thousands of possibilities on the internet; park your car with a coin rather than need to download an app and input endless details; carry a paper air ticket rather than worry your battery will die the moment you present your smartphone boarding pass; and be armed with a book of travellers’ cheques rather than fear your credit cards will be cloned – or blocked by your bank the moment you use them overseas.
Of course, so many areas of travel have been enhanced by technology – think of computerised booking and seat selection, satnavs, facial recognition software instead of manual passport immigration checks, translation apps, Apple AirTags on your luggage, flight trackers and airport security scanners. That these scanners have become so advanced we’ll soon be able to ditch the universally hated 100ml liquids rule is, in itself, wonderful.
These tech advancements certainly make travel quicker and simpler when they work – but a complete nightmare when they don’t.
And that’s increasingly the problem. Hacking of travel-related computer systems is becoming more prevalent – indeed, a 2022 Threat Intelligence Report by Check Point Research found that the global average number of attacks against organisations in the tourism and leisure sector increased by 60 per cent from January to June 2022, compared with the first half of 2021.
And it’s all so complicated now. In the olden days, a hotel room would simply have a heater for cold days and a fan for warm ones – now there’s an aircon/ heating panel requiring a PhD in hieroglyphics to decipher.
I recently stayed at an Airbnb where the owner had actually removed all the light switches, and the lighting could only be operated by an app on your smartphone. Of course, my mobile’s operating system was incompatible, so I was reduced to buying a large number of candles. Romantic, certainly, but pretty bloody inconvenient.
Though (most) hotels haven’t gone that far yet, they more often than not confront guests with an iPad or indecipherable panel that one must master before anything at all can be turned on or off.
And then there’s the king of travel tech: air traffic control. Last month, the UK saw the biggest air traffic control meltdown in 20 years, resulting in more than 2,000 flights being cancelled. It is believed that just one incorrect flight plan caused it.
British Airways has been particularly plagued by IT failures. In May, at least 175 flights were cancelled because of computer glitches; the airline had to cancel flights just before Christmas last year; and also in 2017 for the same reason, the latter stranding 75,000 passengers over a holiday weekend.
“These incidents have highlighted the industry’s heavy reliance on complex IT systems that are vulnerable to failure,” says Jamie Akhtar, co-founder and CEO at CyberSmart. “While technology has increased efficiency and convenience, it has also centralised key infrastructure and control systems that can magnify disruptions when problems do occur. Recent failures highlight the need for better cybersecurity and perhaps less reliance on centralised networks.”
And even when all these networks do function as they should, we’ve still got travel-related cyber threats to worry about – threats which are becoming more frequent, sophisticated, disruptive and dangerous.
“The rapid digitisation of the industry, coupled with the increasing dependence on interconnected systems and the storage of vast amounts of sensitive customer data has made it a prime target for cybercriminals,” says Erfan Shadabi, cybersecurity expert at Comforte AG. “Cyberattacks on travel-related organisations have been on the rise, targeting hotels, airlines, travel agencies, and even travellers themselves. Cybercriminals are continually evolving their tactics, techniques, and procedures to bypass traditional security measures. Advanced persistent threats, zero-day vulnerabilities, and social engineering attacks are becoming more prevalent.”
So can we, as travellers, safeguard ourselves against these tech-related threats? The answer is, to some degree at least, yes.
“Back up important data and files and store copies in the cloud or on an external hard drive, in case your device is breached or stolen,” says Akhtar. “Enable auto-sync and cloud access for apps and services you use regularly. That way you can access info and content even without your main devices.
“Install VPN services on your devices to protect your data over public Wi-Fi networks. Avoid doing sensitive work like online banking on public connections. Have a backup plan in case the worst does happen.”
And when you’ve done all that? Pop a bit of local currency in your wallet. Just in case.