Threat Management

Hotel hit by ransomware attack, report of guests trapped untrue

A luxury lakeside hotel in the Austrian Alps, Romantik Seehotel Jägerwirt, recently paid a large ransom in Bitcoins, after its systems were attacked by a ransomware attack.

It was initially reported that the attack had locked hotel guests in their bedrooms until the ransom was paid. However, the owner of the hotel Cristoph Brandstaetter, told Motherboard that, “This is totally wrong, it was just a normal cyber-attack and no guests were locked in.”

Brandstaetter claimed that the ransomware attack locked the hotel out of all of its computers until a €1500 (£1300) fee was paid to the attackers.

Brandstaetter said that all 180 guests who checked in prior to the cyber-attack were able to get in and out of their rooms, the hotelier told Bleeping Computer, that international fire codes mandate that electronic hotel locks must open from the inside even in the event of system failure.

Ilia Kolochenko, CEO of security company High-Tech Bridge said: “Propagation of IoT and smart devices into our everyday lives will definitely increase the risks, frequency and the consequences of the ransomware attacks.”

The main problem, according to Brandstaetter, was the hotel was unable to issue new key cards to guests who arrived during the 24 hours that the hotel's reservation system was down.

Ultimately, Brandstaetter was forced to pay the ransom after failing to secure help from the police. “The police told us that we are one of many companies hacked recently,” Brandstaetter said. “They are trying to figure out who made the cyber-attack.”

Brandstaetter spoke of the hotel's new and improved cyber-security measures. He said, “We are planning to change the key system so that we go back to old, normal keys.”

The attack on the Romantik Seehotel is by no means one-of-a-kind. According to a recent report by Kaspersky Lab, ransomware attacks increased threefold worldwide during 2016.

Gunter Ollmann, CSO of Vectra Networks said: “Organisations that pay to release their encrypted files may be repeatedly held hostage with new periodic ransomware attacks - often by the same attackers. While some may find it humorous to read commentary from the first generation of ransomware authors stating ‘it was the victim's own fault for not having invested in their security,' today's professional hackers plan to distribute ransomware within their historical paying ‘customers' as they already know the network and know what pressures they can apply to guarantee payment.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.