Ransomware attacks hotel computer and keycard system

Deborah Salmi 1 Feb 2017

Ransomware attack on hotel holds computer system hostage making reservation and electronic key inaccessible.

The Romantik Seehotel Jäger, sitting serenly for 111 years in the picturesque Austrian Alps, fell victim to a ransomware attack. At the height of the winter ski season, cybercriminals took control of the hotel's computer system and demanded $1,603 in bitcoins to release reservations and the system to program electronic keys used by guests to access their rooms.

For three weeks before the attack, the hotel was closed, so no data backups were made. After the files were locked down by the ransomware, employees were unable to access documents or reservations. According to articles in the Austrian press, the hotel was fully booked, so the managing director, Christoph Brandstätter, was under a great deal of pressure to get the systems up and running. Local authorities could do nothing to help him, so Brandstätter paid the required ransom of $1,603 in the form of Bitcoins. After the payment, the systems were unlocked and hotel operation resumed.

"Any business and individual can be targeted by ransomware," said Ondrej Vlceck, Avast's chief technology officer, "and the more damaging the compromised computer system or computer malfunction is for victims, the more likely it is for the bad guys to collect the ransom."

In another case that would have been highly damaging to its victims, the Hollywood Presbyterian Medical Center in Los Angeles was attacked last year by ransomware. Hackers targeted the hospital’s computer system and patient records were held hostage, and the hospital eventually paid $17,000 to have their files unlocked. Added Avast's Vlceck, "Ransomware could hypothetically disable any computerized system at any institution and impact front or back office operations. So owners, administrators, and employees need the best defense possible. This includes using strong anti-malware software, never opening suspicious attachments, and ensuring your systems, applications, and devices are fully updated and patched."

To avoid this type of attack in the future, the hotel operator says he plans to return to issuing real keys to guest rooms, just like in his great-grandfather’s day.

Ransomware is a threat to business

Theoretically, any computer system or “Internet of Things” (IoT) device, such as surveillance cameras, could be attacked. In order to protect your clients and customers:

  • Install a strong antivirus software like Avast for Business
  • Instruct employees to never open unknown attachments in emails
  • Update and backup all systems, applications, and devices on a regular basis

Avast offers ransomware victims 14 decryption tools to help get files back. Find the tools on our free ransomware decryption tools page.


--> -->