April 11, 2017
The premise of ransomware is pretty simple: attackers threaten to ruin your business by seizing digital control unless you pay their ransom. It’s an effective tactic, especially for industries like healthcare and finance that can suffer serious damage without consistent data access. But ransomware can also hit the hospitality industry hard, as one Austrian hotel found out at the beginning of ski season. Romantik Seehotel Jaegerwirt, a four-star luxury hotel known for its panoramic lake views, might not seem like a prime target for a cybercrime ring, but it was, proving no business is immune to cybercrime.
A Creative Attack
Hackers managed to access the hotel’s electronic key system on the first day of the winter season, infiltrating a reception computer and shutting down the hotel’s ability to program new key cards for incoming guests. With those systems locked via ransomware, guests couldn’t re-enter their hotel rooms if they left them, while new guests could not check in.
With business brought to a halt and the guests inconvenienced, the hotel paid the ransom. “Neither police nor insurance help you in this case,” said managing director Christoph Brandstaetter.
The hackers were paid; the system went back online. And that’s where the story gets interesting – from an IT perspective. It turns out that the hotel had been attacked several times before. But the leadership’s reaction wasn’t to upgrade their backup and disaster recovery, or look for a solution that could recover fast enough to thwart the attackers. It was to replace the electronic locks with old-fashioned physical keys.
While it’s true that both Bluetooth locks and RFID keycard entry systems can be hacked, switching back to traditional keys won’t necessarily stop the next attack. The hospitality industry is a ransomware target for many reasons. One of them: the wealth of personal information in their systems. Payment card numbers, birthdates, home addresses and more are all cybercrime bait. In fact, point-of-sale terminals at the Hard Rock hotel in Las Vegas were hit with malware in 2016, exposing customer data, while Trump hotels have been hit by malware again and again.
Another reason: the hospitality aspect lowers any tolerance for downtime. Hotels and resorts are expected to cater to their guests, providing every convenience possible. Ransomware attackers know this, and they know they can count on the hotel executives to pay ransoms quickly rather than risk offending their customers and acquiring a reputation as a dangerous destination.
What Really Stops Ransomware Attackers
To adequately protect against ransomware attacks, hotels must leverage advanced backup and disaster recovery (BDR) solutions. The first step is a risk analysis that plans for likely disasters. How could an attack bring down the hotel, besides shutting down an electronic key system or stealing customer data? A thorough recovery plan will help the team regain control as quickly as possible.
Another part – a very essential part – of achieving fast recovery is using the right technology. Most hotels do not have a large IT staff or they outsource their BDR needs entirely; to position themselves for rapid recovery, they should look for a solution that does the heavy lifting for them. A few features to look for include:
Near-instant 1-click recovery. When confronted with a ransomware attack, the team won’t have hours, or even days, to waste on complicated failover processes and the downtime that comes with them. A 1-click solution that can spin up a replica on the spot can help the team establish uptime without paying the ransom or trying to remember a difficult process.
Automated testing and simple tools. By liberating hospitality IT teams from tedious manual processes that eat up their days, the organization can benefit from sophisticated backup and disaster recovery – without demanding an extensive, trained staff.
Unified all-in-one solutions. A unified solution can meet all of the team’s BDR needs with efficient processes and overarching visibility that helps them make informed decisions.
Recent hospitality ransomware attacks are just more evidence that the Internet of Things (IoT) is a daily and often vulnerable part of our organizations. Hospitality and other organizations must create security plans that account for that reality, and make a fast, efficient BDR solution an integral part of those plans.