If another guest was the pepetrator? Yes, you can sue. Much like how you can sue the hotel if another guest beats you up. Whether you win in court depends on your lawyers and the judge.
You can find them after the fact if they still have a persistent connection to you device (logs or radio isolation). Or perhaps they admitted to the fact?
Why not go after them? Why not go after all liable parties? What if the perpetrator is not in a jurisdiction where you can sue?
Btw, lookup the APT group "darkhotel" and their activities.
How do you prove that on an unsecured network where no clients are authenticated?
Also, if you've identified the perpetrator, why not just go after them directly?