Hotel forced to pay ransomware demand after guests were locked out of rooms

GUESTS AT A LUXURY HOTEL were locked out of their rooms after the high-tech resort was targeted with ransomware by hackers, who broke into the organisation's electronic key system and locked the doors.

Worse still, the hijacked key system also locked guests out of the bar.

The attack, which coincided with the opening weekend of the winter season when the hotel was fully booked, forced the Romantik Seehotel Jaegerwirt resort in Austria to pay up in order to let guests collect their coats from their rooms, as well as restoring access to parts of the hotel that were locked as a result.

Managing director Christoph Brandstaetter told The Local: "The house was totally booked with 180 guests, we had no other choice. Neither police nor insurance help you in this case."

However, all sympathy you might have for Mr Brandstaetter should be tempered by the fact that it was the THIRD time that the hotel has been taken over by ransomware, with the previous attack happening just months earlier.

With payment of €1,500 demanded in bitcoin, rather than Vodafone telephone cards, it's probably safe to presume that the Austrian hotel wasn't targeted by the Hitler ransomware. 

"The restoration of our system after the first attack in summer has cost us several thousand euros. We did not get any money from the insurance so far because none of those to blame could be found," he continued.

Thankfully, a "safety" feature of the system meant that guests could leave their rooms, although they would've been unable to get back in while the systems were down.

Intriguingly, Brandstaetter added that his is not the only hotel in the area to have been affected by ransomware targeting electronic key systems - indicating that attackers are targeting hotels with electronic key systems. 

It was only after this third attack that Brandstaetter realised that the hackers might just be leaving a backdoor on their systems, enabling them to come back for a top-up when they needed more dosh. IT upgrades were urgently installed and Brandstaetter said that, as a result, a fourth ransomware attempt was foiled.

And to make sure it never happens again, when the hotel undergoes its next refurbishment Brandstaetter is planning to change the locks - to "old-fashioned door locks with real keys".

If that sounds crackers, bear in mind that up to 10 per cent of British businesses have been incapacitated by ransomware in recent years. µ

• Tweet  
• Facebook  
• Google plus  
•  
•  
• Send to  

• Topics
• Security
• Security
• ransomware
• cloud computing