February 01, 2017
Ransomware is an Unpleasant Guest for Austrian Hotel
On Saturday, reports emerged of a cyber attack on one of Europe’s top hotels. Romantik Seehotel Jägerwirt, in Austria, has a 5* rating and charges up to £460 a night.
According to The Local, an english-language European news site, Ransomware had struck the Austrian hotel and held more than just their data hostage. Initial reports suggested that the malware had actually locked guests in their rooms - a claim that was ‘put to bed’ by the hotel’s owner in a comment to Motherboard. Christoph Brandstaetter told Motherboard, “No guests were locked in.”
Ransomware encrypts business data, but it cannot do much more than that. It is not capable of manipulating Computer systems to hold guests against their will. All current guests were unaffected by the 24-hour downtime, but the hotel was unable to issue new room cards to any new arrivals.
The ransomware demanded was €1,500, or £1,300. Although the breach was reported to the authorities, the police were unable to help. Brandstaetter was forced to pay up.
The incident has left Brandstaetter without faith in technology. “We are planning to change the key system so that we go back to old, normal keys,” he said. “We know that other colleagues have been attacked, who have done similarly."
This isn't the first time a hotel has been struck by ransomware. The Crowne Plaza in Boston suffered a ransomware attack in 2015. Luckily, the hotel was supported by a local IT Solutions provider, TeamLogic. At their recommendation, Crowne Plaza had installed a backup and disaster recovery (BDR) solution, Datto SIRIS, so there was no need to pay the Ransom. TeamLogic simply rolled back to an uninfected backup. It took less than an hour and the hotel experienced zero downtime. Most importantly, no Ransom was paid.
To find out more about Datto and how SIRIS can protect hotels, download the case study here.