HEALTH & SAFETY
DATA CHECKS OUT
YOUR WI-FI ISN’ T JUST A PERK FOR YOUR GUESTS … IT’ S A CYBER WELCOME MAT – AND HACKERS DON’ T NEED A ROOM KEY WHEN YOUR NETWORK’ S WIDE OPEN.
Open Wi-Fi networks and guest connectivity services are now standard in hospitality. Yet Lukas Pelser, Solutions Engineer at Sophos, notes that this sense of normality can hide real danger.
“ Because Wi-Fi feels routine, people forget that it can be a direct doorway for attackers” he says. A compromised network in a hotel restaurant or café can provide access to sensitive systems, guest data business operations and even wider corporate networks.
“ Every nearby access point is effectively a door into your business network. If that door isn’ t secured properly, attackers can get inside without ever stepping foot on-site,” says Sasha Slankamenac, Architect in the Office of the CTO and Practice Lead: AI at Dariel.
With ransomware costs escalating in South Africa hospitality and F & B organisations cannot afford to treat guest Wi-Fi as a simple convenience. It must be secured as part of the business’ s cyber risk profile.
According to Pelser, findings from the State of Ransomware in South Africa 2025 show how serious the threat has become.“ Sixty-percent of South African organisations hit by ransomware found their data encrypted and 39 % also suffered data theft,” explains Pelser.“ Meanwhile, the median ransom demand has surged to around R18 million, and the median ransom paid rose to approximately R8.3 million. These figures illustrate that ransomware is no longer just a technical incident; it is a major business and reputational risk.”
How Wi-Fi becomes the weak link
In many hospitality settings, a single Wi-Fi system supports guest access, back-office operations, POS terminals, inventory systems and a growing list of IoT devices such as smart lighting thermostats and guest room sensors.
“ Once a hacker gains a foothold through Wi-Fi, they can move laterally to access files, systems, or credentials that would normally sit safely behind a firewall,” notes Slankamenac.“ It’ s not a matter of if they’ ll try – it’ s a matter of how easy you make it for them.”
Some of the most common scenarios include:
• A guest connects a compromised device to guest Wi-Fi that shares infrastructure with critical internal systems.
• IoT devices with weak credentials or outdated firmware sit on the same access layer and become easy entry points.
• Public-facing Wi-Fi portals rely on simple credentials or captive portal logins without strong isolation.
• Smaller hospitality outlets often lack dedicated IT security staff which reduces their ability to monitor Wi-Fi traffic and detect malicious activity.
The South African ransomware survey highlights compromised credentials as the leading root cause at 34 %, followed by exploited vulnerabilities at 28 % and malicious email at 22 %. In hospitality environments, these risks often translates to weak or shared Wi-Fi passwords, outdated or unpatched firmware and unsecured network devices that attackers can easily exploit.
Pelser stresses that this is not hypothetical.“ Attackers go for the easiest door and badly protected Wi-Fi is often that door” he explains.
For hospitality and F & B organisations the cost of ransomware extends far beyond paying a ransom. Operational disruption can be immense. Reservations systems may go offline, POS terminals may stop working and guest trust can take a serious hit. There are also potential privacy implications and long recovery periods. The average cost to recover from ransomware in South Africa now stands at roughly R24 million even before ransom payments are considered. For many
128 TRADE & TASTE / 2026