It used to be that a couple of misspelled words, some bad grammar and something just ... feeling generally off was enough to figure out that email belongs in the trash.
Now, with the general availability of artificial intelligence tools, most notably ChatGPT, hackers are able to write better phishing emails that are more likely to look like a legitimate email. They can also increase their output both in volume and speed.
The Wall Street Journal recently reported on how cybercriminals have been using AI to aid their efforts to gain access to companies' sensitive data.
Lukasz Olejnik, an independent cybersecurity researcher and consultant, told the newspaper that hackers are using language models that are similar to generative-AI tools to write phishing emails or the malware itself much faster. That means hackers can take on tasks themselves that previously would have required many more people.
Diego Souza, chief information security officer at manufacturer Cummins, told the Wall Street Journal that the phishing emails created through generative tools are much more sophisticated and better impersonate real emails from real people.
Several outlets have reported similar stories, including ABC News, CNBC and the Guardian.
So yeah, as if things weren't difficult enough, right? Years of training employees how to be on the lookout for suspicious emails, watching for certain clues to figure out whether an email is real and now there's this curveball.
I don't think anyone reading this needs to be reminded of the big target on the hotel industry's back. It's standard business practice for hotels to amass guests' personally identifiable information and credit card numbers.
Companies big and small have been hit with cyberattacks, some that have gone undetected for years. Most recently, we saw MGM Resorts International was subjected to a ransomware attack.
That means hotel companies need to make further investments into their cybersecurity efforts, especially in ways that can help detect and warn against AI-assisted hacking attempts. That likely means fighting fire with fire.
“Advanced technologies such as machine learning algorithms, anomaly detection and real-time monitoring can play a pivotal role in identifying and responding to potential security breaches or malicious activities,” Kyle Kappel, U.S. leader of cyber at KPMG, told CNBC. “By leveraging these tools, organizations can enhance their ability to detect, prevent, and respond to security events effectively.”
Talk with the team members leading your company's cybersecurity efforts. Make sure they have the resources and training they need to then protect you, your company and your guests. It's not necessarily an area that has an obvious return on investment, but with the right investments, it can definitely help prevent significant losses.
You can reach me at bwroten@hotelnewsnow.com as well as LinkedIn.
The opinions expressed in this column do not necessarily reflect the opinions of Hotel News Now or CoStar Group and its affiliated companies. Bloggers published on this site are given the freedom to express views that may be controversial, but our goal is to provoke thought and constructive discussion within our reader community. Please feel free to contact an editor with any questions or concern.