cancel
Showing results for 
Search instead for 
Did you mean: 

Enjoy your stay: Access is denied

BarnabyWood
Level 2
Employee

hotel room.png

"One of Europe's top hotels has admitted they had to pay thousands in Bitcoin ransom to cybercriminals who managed to hack their electronic key system, locking hundreds of guests out of their rooms until the money was paid."*

 

The coincidence of timing suggests that the recent malware attack on a luxury hotel in Austria was highly organized:

  1. It was the opening weekend of the hotel's winter season
  2. The attack included room access, reservations and cash desk
  3. This was third of its kind at the hotel and hackers left a back door in the system

 

Interestingly, the hotel went public with the story in order to alert others to the issue, being aware that colleagues at other establishments had suffered the same fate already. As we have seen elsewhere, however, paying the €1,500 ransom is not the end of the story and is not the full extent of the cost. One of the consequences of the attacks was the replacement of hardware and, significantly, the de-coupling of some systems. In addition, when the hotel is refurbished next, the electronic room locks will be replaced by locks with physical keys as a further prevention.

 

The significant cost and customer impact of these types of attacks is being seen across many industries and business types. It is not limited only to small businesses and invariably does not impact just one user. Education of those users is an important factor to limiting the chances of attack but ultimately the simple, last line of defence is overlooked raising the level of risk immeasurably.

 

In terms of backup, mitigating the risk is simple:

  1. Take a regular backup of important data and applications
  2. Ensure that backup data cannot be reached and infected
  3. Test backup data frequently to ensure recoverability

 

Some Backup Exec next steps:

  1. Think about Recovery Point Objectives: how far back is a good backup? How far back can you go if you hadn’t realised there was a problem?
  2. Identify systems, applications and data the business can’t do without. Is it  “offline secure?”
  3. Try it. See how much easier Backup Exec makes protecting yourself from the impact of Ransomware. www.backupexec.com/TryBE

 

 

 

 

* The Local, 28th January 2017