25-27 Jun 2017

Industry News

Industry News > Hotel forced to pay computer hackers after its keycard system is hijacked

Hotel forced to pay computer hackers after its keycard system is hijacked

Cyber criminals force Austrian hotel to pay $1,600 ransom to restore system - it is the third time and some observers believe there maybe hundreds of other hotels which have been victim but have not gone public

Share on Facebook
A top hotel in Europe has admitted it had to pay thousands in Bitcoin ransom to cybercriminals who hacked the hotel's electronic key system, which stopped the issue of new keycards until a ransom was paid.

The incident is the third time the four star Austrian hotel has been hit and has sent ripples across the hospitality world. Some observers believe there maybe hundreds of other hotels that have been victim but have not reported it.

Hotel managers at the lakeside Romantik Seehotel Jaegerwirt on the Alpine Turracher Hoehe Pass in Austria, said they decided to go public with what happened to warn others of the dangers of cybercrime, according to Austria's leading English language news site thelocal.at

"Hotel management said that they have now been hit THREE times by cybercriminals who this time managed to take down the entire key system. The guests could no longer get into their hotel rooms and new key cards could not be programmed.

"The attack, which coincided with the opening weekend of the winter season, was allegedly so massive that it even shut down all hotel computers, including the reservation system and the cash desk system."

Hackers said they would restore the system for 1,500 euro ($1,604) in online trading currency Bitcoin paid to them.

Managing Director Christoph Brandstaetter told thelocal.at: "The house was totally booked with 180 guests, we had no other choice. Neither police nor insurance help you in this case."

"The restoration of our system after the first attack in summer has cost us several thousand Euros. We did not get any money from the insurance so far because none of those to blame could be found."

The manager said it was cheaper and faster for the hotel to just pay the Bitcoin.

Brandstaetter said: "Every euro that is paid to blackmailers hurts us. We know that other colleagues have been attacked, who have done similarly."

He told Forbes "We simply could not issue new keycards because the computers were encrypted," he said. " He added "we were hacked, but nobody was locked in or out." c

The Seehotel Jagerwirt said they "decoupled" systems to prevent future attacks. That's a strategy many organisations are adopting to secure their systems.

Forbes spoke to Tim Eades, CEO of vArmour, a Bay-Area security firm that specialises in something called micro-segmentation. In micro-segmentation, every system on the network is treated as a potential threat. None is given complete trust. Instead, systems are only granted access to the specific resources they need in order to perform their functions. That makes it easier to lock things down when a breach is detected, which minimizes damage and helps keep service interruptions to a minimum.

Cyber security is a major issue and the Vision Conference at this year's Hotel Show Africa in Johannesburg will focus on the dangers to hotel businesses, large and small, at a special presentation on day 2.

"Technology has changed the way hotels operate but it is vital that everyone involved understands the potential pitfalls and, importantly, where to go to ensure 100% security," said Christine Davidson, Vice President at dmg-ems Africa, organiser of The Hotel Show Africa. "The Vision Conference will offer a forum to hear from the experts and to discuss with other professionals in the hospitality industry, your experiences."