Skip to content

January 30, 2017

No mini-bar for you: Luxury hotel pays up after virus locks guests out of rooms

by John_A

Why it matters to you

Ransomware isn’t going away, and this attack on a hotel’s key card network shows cybercriminals are getting more creative.

The targets for ransomware attacks continue to get stranger. Over the weekend it was reported that a luxury hotel in Austria paid about $1,600 in bitcoin to retrieve its systems. The attack had even compromised the hotel’s electronic key card network, locking guests out of their rooms.

The Romantik Seehotel Jaegerwirt hotel in Turracher Höhe, Austria, said it has been targeted numerous times by ransomware attacks, but is only going public with this information now as a warning to others.

In this particular attack, the culprits managed to freeze the hotel’s system for managing key cards. The incident meant once a guest had left the room, they couldn’t re-enter, and new cards couldn’t be programmed. As a result, hotel staff had to resort to a separate internal system for locking and unlocking doors. The hotel’s reservation management system and cash desk was also affected. The disruption lasted for about 24 hours.

More: Ransomware locked over 700 of its computers, but St. Louis library system refused to pay

It appears the hackers timed the attack quite well as it was the opening of skiing season, the 111 year old hotel’s busiest period. “The house was totally booked with 180 guests, we had no other choice. Neither police nor insurance help you in this case,” said Christoph Brandstaetter, managing director of the hotel, on the decision to cough up the money.

According to Brandstaetter, his hotel was attacked by more conventional ransomware last summer as well, which cost the business thousands of euros in IT costs. The most recent hack, meanwhile, forced the business to pay a Bitcoin ransom worth about $1,600.

“Every euro that is paid to blackmailers hurts us. We know that other colleagues have been attacked, who have done similarly,” said Brandstaetter.

Once paid, the hackers restored all the systems, which was good news for The Romantik Seehotel Jaegerwirt, but paying off a ransom is never a guarantee that you’ll get your systems back running. The hotel almost learned this the hard way, as the cybercriminals attempted yet another attack after the ransom was paid. That attempt was only thwarted by the installation of new hardware.

Now, to prevent a similar fate in the future, the hotel’s managers are going a little old school: “We are planning at the next room refurbishment for old-fashioned door locks with real keys. Just like 111 years ago at the time of our great-grandfathers.” In this case, it seems old technology is the best way to prevent a high-tech attack.

Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments