Back ZIUR warns of a rise in cyberattacks in the tourism sector and trains travel agencies in Gipuzkoa to strengthen their digital security

2026 / 04 / 16
Gipuzkoako Bidaia Agentzien Elkartearekin (Bidaikide) batera, jardunaldi teoriko-praktiko bat egin du enpresek zibererasoen aurrean detekzio- eta erantzun-gaitasuna hobetu dezaten.

ZIUR warns of a rise in cyberattacks in the tourism sector and trains travel agencies in Gipuzkoa to strengthen their digital security

Together with the Association of Travel Agencies of Gipuzkoa (Bidaikide), it has held a theoretical-practical workshop aimed at helping companies improve their ability to detect and respond to cyberattacks

ZIUR, the Industrial Cybersecurity Center of Gipuzkoa, has delivered a theoretical-practical session aimed at travel agencies across the territory to enhance their capacity to detect and respond to cyberattacks, in a context of increasing pressure on the tourism sector from cybercriminals.

The travel agency and tour operator sector has become one of the most exposed to digital security incidents, due to the high volume of personal and financial data it handles. According to sector data, these activities accounted for 29% of incidents in the tourism sector in 2024, making it the second most affected subsector.

The session, organized together with the Association of Travel Agencies of Gipuzkoa (Bidaikide), took place at the Federation of Retail Merchants of Gipuzkoa and was attended by around a dozen professionals, both in person and online.

It is important to note that these SMEs do not have their own IT department, although they rely heavily on the Internet for their daily operations. They regularly use online platforms such as GIAV, Ofiviaje, and similar tools for booking management and ticket issuance. In addition, they handle the sending of contracts and documentation via email, which involves frequent processing of personal and banking data. This is complemented by the regular execution of transfers to suppliers as part of their day-to-day activities.

During the session, ZIUR specialists Iñaki Torrecilla, ICS Security Architect, and Markel Gómez, cybersecurity analyst, presented the main types of attacks affecting the sector, with particular focus on phishing, smishing, vishing, and ransomware.

Among the most relevant risk vectors, the experts highlighted the theft of credentials for accessing booking platforms, the infection of management systems through ransomware, and supplier impersonation involving fraudulent changes to bank account details.

Participants received operational recommendations to strengthen their cybersecurity, focusing on the use of strong passwords, up-to-date antivirus solutions, backup systems, and the secure use of cloud services.

Finally, ZIUR informed the agencies about a new call for grants from the Provincial Council of Gipuzkoa, endowed with €400,000. These grants are structured in two lines: one aimed at implementing detection and response services (SOC, SIEM/SOAR, and applied artificial intelligence) and developing cybersecurity plans; and another focused on the modernization of OT infrastructures, including network segmentation, device hardening, and industrial traffic monitoring.