Threats Facing the Middle East's Hospitality and Leisure Sector in 2025 - Middle East Business News and Information
Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East, examines the rising cyber threats targeting the region's hospitality and leisure sector in 2025.
The Middle East's hospitality and leisure sector is experiencing rapid growth, accompanied by a surge in cyber security challenges. As organizations continue their digital transformation, the hospitality sector in particular, is becoming a prime target for cyberattacks. From major data breaches to sophisticated malware campaigns, businesses in the UAE and across the region need to strengthen their defences to protect sensitive customer data and maintain trust.
A Rising Tide of Cyberattacks
In the past six months, organizations in the Middle East have faced an average of 2,215 cyberattacks per week, significantly higher than the 1,682 attacks per week observed across Europe, the Middle East, and Africa (EMEA). The UAE, along with Turkey and Saudi Arabia, continues to be a major target for cybercriminals due to its extensive adoption of digital technologies and the presence of international enterprises, making it an attractive target for threat actors exploiting vulnerabilities.
Among the prevalent malware affecting the region are FakeUpdates, Androxgh0st, and Formbook, often infiltrating systems through phishing emails and social engineering tactics. Notably, 77% of malicious files in the Middle East were delivered via email in the past 30 days, highlighting the persistent threat posed by phishing campaigns.
The Evolving Cyber Security Threat Landscape
The threat landscape in the region is growing increasingly complex. Nation-state actors now employ AI-driven strategies, including disinformation campaigns and disruptive malware, to destabilize digital infrastructures. While these attacks may not immediately cause widespread damage, they pave the way for future exploits targeting emerging vulnerabilities.
Ransomware poses another significant threat, with criminals shifting from encrypting data to extorting it through data leaks. The healthcare and hospitality sectors, handling substantial amounts of personal data, are prime targets for these increasingly targeted attacks.
Infostealers: The Silent Threat
Infostealers have seen a 58% increase in attacks globally in 2024, particularly targeting sensitive corporate credentials and tokens, focusing on Bring Your Own Device (BYOD) environments. As UAE companies adopt flexible work environments, attackers increasingly exploit these vulnerabilities to gain initial access and exfiltrate valuable data.
The surge in infostealer attacks means businesses must be vigilant, with businesses urged to deploy advanced monitoring and detection systems to identify suspicious activities early and mitigate the risk of data breaches.
Cyberattacks in the UAE Hospitality Sector
The UAE's hospitality industry faces these emerging threats. In January 2025, a significant breach was reported involving a hotel management platform which suffered a data breach that exposed guest information. The breach resulted in the theft of nearly eight terabytes of data, including sensitive personal details from major hotel chains. This incident underscores the vulnerability of the hospitality sector in the UAE, which is increasingly reliant on cloud-based systems for guest data management and reservations.
Additionally, the rise of CopyRh(ight)adamantys phishing campaigns, employing Rhadamanthys stealer malware, has impacted UAE entertainment and hospitality sector. These campaigns impersonate various companies to steal credentials, posing substantial risks to businesses reliant on online transactions and customer data.
Securing the Future: What UAE Organizations Can Do
As cyber threats escalate in sophistication, UAE hospitality organizations must take immediate action to enhance their cybersecurity posture. Key actions include:
Employee Awareness and Training– Implement regular cyber security training to empower employees in identifying phishing attempts and other social engineering tactics. Advanced Threat Detection– Utilize AI-powered security tools for faster threat detection and response, minimizing the impact of attacks. Cloud Security and Configuration Management– Strengthen cloud security practices to mitigate risks associated with misconfigurations and poor API security in hybrid environments. Incident Response and Recovery– Develop comprehensive incident response plans to minimize downtime and restore operations swiftly after a cyberattack, preventing client trust.
Regular Vulnerability Scanning– Conduct routine audits to identify and patch vulnerabilities in edge devices and systems proactively.
As the UAE's hospitality sector expands, it faces increasing cyber threats that demand proactive defence strategies. By investing in robust cyber security measures, prioritizing employee training, and leveraging advanced technologies, businesses can safeguard their digital infrastructure and protect clients data in an increasingly hostile digital landscape.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
20 minutes ago
- Yahoo
Bank of Canada governor talks fighting inflation in a ‘shock-prone' world
Bank of Canada governor Tiff Macklem sat down for a one-on-one interview with The Canadian Press after the central bank held its benchmark interest rate steady on June 4, 2025. He discusses how the central bank can – and can't – address issues like housing affordability while still keeping inflation under wraps. (June 7, 2025)
CNA
20 minutes ago
- CNA
Norway dare to dream big again after a quarter century of heartbreak
After a quarter of a century of near misses and heartbreak, Norway's rout of Italy in their World Cup qualifier has reignited the country's hope of a return to international football's biggest stage. There was little doubt that Norway were the better team on Friday as they easily dominated Italy in Oslo, pushing on until the scoreboard read 3-0 and taking a big step towards next year's World Cup. For supporters of the Norwegian team, the result has sparked a glimmer of hope in hearts that have been broken many times over the past decades. Norway have not participated in an international football tournament since the European Championship in 2000, which was hosted in Belgium and the Netherlands. There have been many close calls since then, with the margins consistently going against the squad, but now there is a shift in attitude after Norway dominated against the four-times world champions. "I am 100 per cent sure", former Norway, Denmark and Iceland coach Age Hareide told newspaper VG when asked if Norway would go to the World Cup. SOLID STATISTICS Norway are in pole position in Group I with nine points out of nine and a goal surplus of 10. Israel, Estonia and Moldova are the other nations in the group. The Football Meets Data statistics platform gives Norway a 77 per cent chance of winning the group and qualifying directly for the tournament hosted by the United States, Canada, and Mexico. Key striker Erling Haaland, who put himself on the scoresheet against Italy, agreed with the statistics. "We are too good not to play in championships. I will play both the World Cup and the European Championship. Not to put pressure on myself but I will," he told Norwegian broadcaster NRK. While World Cup fever in Norway is reaching a point not seen since 1998, when Norway last participated, manager Stale Solbakken, wise from experience, is lowering expectations. "It is a coach's misfortune that I have to concentrate on the next match, so you can enjoy yourselves and ask those questions. I would have liked to say that it was 100 per cent certain but I can't," he told reporters after Friday's game.
Al Jazeera
20 minutes ago
- Al Jazeera
ICE launches ‘military-style' raids in Los Angeles: What we know
Los Angeles witnessed a series of coordinated immigration raids by United States law enforcement officials on Friday, resulting in the arrest of dozens and igniting widespread protests. The raids, which were carried out in a military-style operation, have intensified concerns about the force used by federal immigration officials and the rights of undocumented individuals. Here is what we know about the raids and the latest on the ground. Federal agents from US Immigration and Customs Enforcement (ICE), the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and the Drug Enforcement Administration (DEA) conducted a series of 'immigration enforcement operations' across Los Angeles on Friday morning. Individuals suspected of 'immigration violations and the use of fraudulent documents' were arrested. The arrests were carried out without judicial warrants, according to multiple legal observers and confirmed by the American Civil Liberties Union (ACLU). The Los Angeles Police Department (LAPD), which did not take part in the raids, was called in to quell ensuing protests. The raids were part of a broader initiative under the Trump administration's intensified immigration policies. The raids focused on several locations in downtown LA and its immediate surroundings. These spots are known to have significant migrant populations and labour-intensive industries. Angelica Salas, executive director of the Coalition of Humane Immigrant Rights (CHIRLA), which covers California, said advocates had recorded enforcement activity at seven sites. This included two Home Depot stores in the Westlake District of Los Angeles, a doughnut shop and the clothing wholesaler, Ambiance Apparel in the Fashion District of downtown Los Angeles. Other locations in which raids were carried out included day labour centres and one other Ambiance facility near 15th Street and Santa Fe Avenue in south Los Angeles. ICE and Homeland Security Investigations (HSI) reported the 'administrative arrest' of 44 individuals for immigration-related offences. An administrative arrest, unlike a criminal arrest, refers to detention for civil immigration violations such as overstaying a visa or lacking legal status, and does not require criminal charges. These arrests can result in detention, deportation, temporary re-entry bans and denial of future immigration requests. Advocates believe the number of arrests made was higher, however. Caleb Soto, of the National Day Laborer Organizing Network, told Al Jazeera that between 70 and 80 people had been detained, but only three lawyers have been allowed access to the detention centre where they were being held to provide legal advice. Additionally, David Huerta, president of the Service Employees International Union (SEIU) California, was arrested for allegedly obstructing federal agents during the raids. Huerta was reportedly injured during the arrest and received medical treatment at Los Angeles General Medical Center before being taken into custody. What sets these raids apart from typical civil enforcement actions was their military-style execution, experts say. According to witnesses, legal observers and advocacy groups, federal agents involved in the operations were heavily armed and dressed in tactical gear, with some wearing camouflage and carrying rifles. Agents arrived in unmarked black SUVs and armoured vehicles and, at certain points, sealed off entire streets around targeted buildings. Drones were reportedly used for surveillance in some areas and access to sites was blocked off with yellow tape, similar to measures which would be taken during a high-threat counterterrorism or drug bust operation. The ACLU described the show of force as an 'oppressive and vile paramilitary operation'. Civil liberties groups said the tactics used had created panic in local communities and may have violated protocols for civil immigration enforcement. As news of the raids spread via social media and through immigrant advocacy networks, hundreds of protesters gathered outside the Edward R Roybal Federal Building in downtown Los Angeles, where detainees were being processed. Demonstrators blocked entrances and exits to the building, chanted slogans and demanded the release of those arrested. Some spray-painted anti-ICE slogans on the building's exterior walls. Several protesters attempted to physically stop ICE vehicles, leading to confrontations with law enforcement. LAPD officers issued dispersal orders and warned protesters that they would be subject to arrest if they remained in the area. To enforce the order, officers in riot gear deployed tear gas, pepper spray and 'less-lethal munitions', including firing rubber bullets to disperse the crowd. A citywide tactical alert was also issued, requiring all LAPD officers to remain on duty. Shortly after 7pm on Friday [02:00 GMT Saturday], the LAPD declared the protests to be an 'unlawful assembly', meaning that those who failed to leave the area could be subject to arrest. The declaration appeared to remain in effect until the crowd dispersed later that evening, though no formal end time was publicly announced. US media outlets and rights groups reported that hundreds of detainees, including children, were held overnight in the basement of the federal building without access to beds, blankets or adequate food and water. However, an ICE spokesperson told CBS News that the agency 'categorically refutes the assertions made by immigration activists in Los Angeles', stating that it takes its mandate to care for people in custody 'seriously'. The status of all individuals detained remains unclear. While some have been released, others continue to be held and details about their current locations or conditions have not been fully disclosed. Local and state officials condemned the raids and the manner in which they were conducted. In a statement shared on X on Friday, Los Angeles Mayor Karen Bass said such operations 'sow terror in our communities and disrupt basic principles of safety in our city'.California Governor Gavin Newsom issued a statement describing the operations as 'cruel' and 'chaotic', adding that they are an attempt 'to meet an arbitrary arrest quota'. All 15 members of the Los Angeles City Council issued a joint statement denouncing the raids. Some Trump administration officials, on the other hand, defended the actions and criticised local leaders for pushing back. White House Deputy Chief of Staff Stephen Miller, for instance, suggested that Mayor Karen Bass was undermining federal law.
