Locked Out: How Hackers Trapped Hotel Guests in Austria

It's not just your computer you have to worry about falling to a cyberattack; it's all of your internet-connected devices. The Austrian hotel Romantik Seehotel Jaegerwirt learned this the hard way when one morning they received an email wishing them "Good morning."

The body of the email detailed in no uncertain terms that the hotel had been put on lockdown, and until it paid a ransom of two Bitcoins, the hotel's electronic systems would remain shut down. If hotel management refused to pay the ransom by the end of that day, the ransom would double every consecutive day.

Earlier in the day, hotel guests (some paying over $530 a night) had complained that their electronic room key cards were not working. Even though reception made new cards, guests could not get into their rooms.

How did cybercriminals infiltrate the hotel's electronic system? Simple: they used ransomware. How can the hotel and other businesses prevent cyberattacks in the future? Simple: by implementing and following smart cybersecurity tactics.

Clicks Lead to Cyber Hits

What most likely happened in the case of the Austrian hotel is that someone opened the cybercriminal's email and clicked on an infected attachment or link that encrypted the files on the hotel's network. The hacker was able to shut down the hotel's reservation system and keep guests out of their rooms. Because the hotel was already at capacity, hotel owner Christoph Brandstaetter paid the ransom, and in return the hotel regained control of its network system.

There are two things hotel management did wrong here: they opened a spammy email and then paid the ransom.

Use Caution

If you find an email in your inbox from an unrecognized or undisclosed sender, do not open it. Hackers use emails as a tool to infect organizations' electronic systems. If you open the email and then click on a link or attachment, you have just infected your computer with malware.

There are a number of ways to determine if an email was sent to you by a hacker. Some clues are:

  • File extensions
  • Attachment downloads
  • Encrypted archives
  • Poor grammar
  • Poor spelling
  • Unknown sender
  • Unverified sender

If the email has any of the above issues, then there is an increased chance of it being infected with malware.
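Several of these clues can be checked automatically before a message reaches an inbox. The following Python sketch is an added example, not code from the hotel incident or from CyberPolicy; the extension list, the allow-list of sender domains, the rule that a sender counts as verified only if SPF or DKIM passed, and the sample message are all assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed values for illustration; tune both to your own environment.
RISKY_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".lnk", ".docm")
KNOWN_DOMAINS = {"partner.example"}  # hypothetical allow-list of sender domains

def zip_is_encrypted(data: bytes) -> bool:
    """True if any ZIP member has general-purpose flag bit 0 (encrypted) set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(info.flag_bits & 0x1 for info in zf.infolist())
    except zipfile.BadZipFile:
        return False

def triage(raw: bytes) -> list:
    """Return the red flags from the list above that this message shows."""
    msg = message_from_bytes(raw, policy=policy.default)
    flags = []
    domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    if domain not in KNOWN_DOMAINS:
        flags.append("unknown sender")
    auth = str(msg.get("Authentication-Results", "")).lower()  # set by receiving server
    if "spf=pass" not in auth and "dkim=pass" not in auth:
        flags.append("unverified sender")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            flags.append("risky file extension: " + name)
        if name.endswith(".zip") and zip_is_encrypted(part.get_content()):
            flags.append("encrypted archive: " + name)
    return flags

def build_sample() -> bytes:
    """Constructed sample message (not from the incident) with an encrypted ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.txt", b"constructed sample")
    data = bytearray(buf.getvalue())
    data[data.find(b"PK\x01\x02") + 8] |= 0x1  # mark entry encrypted in central directory
    msg = EmailMessage()
    msg["From"] = "Billing <billing@unknown-sender.example>"
    msg["Authentication-Results"] = "mx.hotel.example; spf=fail; dkim=none"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(bytes(data), maintype="application", subtype="zip", filename="invoice.zip")
    return msg.as_bytes()
```

Poor grammar and spelling are left to the human reader; the script only covers the clues that can be read from headers and attachments.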

If somehow you missed the red flags, opened the email and clicked the link, infecting your computer, do not pay the cybercriminal the demanded ransom. Instead, call your IT department and cybersecurity insurance agent and report the incident. Your IT department will immediately begin to patch the system and boot out the hacker. Meanwhile, your insurance agent will begin the cybersecurity procedures to get you financially ready to take care of any monetary damages the hacker may have inflicted.

After contacting your staff (and insurance agent) about the situation, immediately contact your clientele and let them know of the network breach. Inform them to shut down their accounts with the network and to monitor their own accounts to make sure the cybercriminal was not able to infiltrate their own system.

The next steps include updating your cybersecurity policy and refunding any clients who lost money or suffered disrupted services as a result of the breach.

To make sure you have enough cybersecurity insurance to cover your back, visit CyberPolicy to compare plans.
