This article is more than 1 year old

Ransomware avalanche at Alpine hotel puts room keycards on ice

If at first you succeed, try, try again, think extortionists

A top Austrian hotel coughed up thousands in ransom to cybercrooks, who hacked its computer system and locked guests out of their rooms until the money was paid.

The Romantik Seehotel Jaegerwirt went public with its problems as a warning to other hotels. This is the second time the four-star destination has been hit.

The latest attack left the Jaegerwirt unable to program room keycards – thus preventing arriving guests from getting into their rooms – and also infiltrated the reservation and cash desk systems. The extortionists demanded €1,500 (US$1,605), according to reports.

Sales terminals in hotels have been a key target for hackers over the past two years. But Romantik Seehotel Jaegerwirt appears to be a victim of a different targeted attack, aimed at extortion rather than extracting payment card details.

On receipt of the ransom, hackers unlocked the key registry system and other computers. They also left a backdoor in the system and tried to exploit it again in a subsequent attack – however the hotel had at that point replaced computers, implemented new security measures, and decoupled networks, foiling the crooks.

Managing director of the hotel, Christoph Brandstaetter, said: "We are planning at the next room refurbishment for old-fashioned door locks with real keys. Just like 111 years ago at the time of our great-grandfathers."

Tyrone Erasmus, a director of consulting firm MWR InfoSecurity, commented: "This is an interesting case, as the technique used to hold the hotel to ransom was unconventional and entirely targeted. Commonly, ransomware affects the availability of data held by businesses, but in this case the attackers understood that denying access to hotel rooms would be an effective way to extort money."

"This was a targeted attack against the hotel's room access control systems with the intention of extorting money, indicating that the attackers may well have already had a foothold within the hotel's IT system," Erasmus pointed out. ®

More about

TIP US OFF

Send us news


Other stories you might like