Avatar photo


Author Bio ▼

Adam Bannister is a contributor to IFSEC Global, having been in the role of Editor from 2014 through to November 2019. Adam also had stints as a journalist at cybersecurity publication, The Daily Swig, and as Managing Editor at Dynamis Online Media Group.
February 10, 2017

Sign up to free email newsletters


Whitepaper: Multi-residential access management – The move to digital


Hotel pays bitcoin ransom after guests are locked out of rooms by ransomware infection

A four-star Austrian hotel has paid hackers a ransom to free its systems from ransomware infection after guests were locked out of their rooms.

The Seehotel Jägerwirt hotel in the skining resort of Turracher Höhe reportedly paid hackers two bitcoins, which equates to around €1,500 (£1,300)

As well as disabling the smart cards that served as room keys, the embarrassing breach prevented the issuance of new key cards and hit the hotel’s reservation and cash desk systems.

The hotel’s managing director, Christoph Brandstätter, told Bleeping Computer that no guests were locked into their rooms, because international fire codes mandate that electronic hotel locks must open from the inside.

“We were hacked, but nobody was locked in or out,” he said. “For one day we were not able to make new key cards.”

“Since the locking system must work even in the event of power failure, the guests in the hotel almost did not notice the incident. We simply could not issue new key cards because the computers were encrypted.”

Ilia Kolochenko, CEO of cybersecurity firm High-Tech Bridge, says ransomware is increasingly the weapon of choice for hackers: “Ransomware attacks are relatively new, however are growing much faster than any other sector cybercrime,” he says.

“The success is explained by their technical simplicity to conduct and attackers’ certainty to get paid by most of the victims, who often have no other choice that would be economically reasonable.”

The consequences of the rise of ransomware could be graver than the payment of ransoms that frequently take place, he says.

“Propagation of IoT and smart devices into our everyday lives will definitely increase the risks, frequency and the consequences of the ransomware attacks. I wouldn’t be surprised if in the next few years cybercriminals will lock operational rooms in hospitals or unlock doors in state prisons.

“Unfortunately, our law enforcement agencies don’t have enough experience, technical skills and most importantly – resources to fight cybercrime. If they don’t get them today – in the next few years our society will lose confidence in a justice system that is unable to prosecute and prevent cybercrime.”

The Seehotel Jägerwirt almost fell victim to another breach shortly after the incident, but the hotel was able to take systems offline in time, said Brandstaetter.

Subscribe to the IFSEC Insider weekly newsletters

Enjoy the latest fire and security news, updates and expert opinions sent straight to your inbox with IFSEC Insider's essential weekly newsletters. Subscribe today to make sure you're never left behind by the fast-evolving industry landscape.

Sign up now!

man reading a tablet, probably the IFSEC Global newsletter

Related Topics

Notify of
Inline Feedbacks
View all comments