Hundreds of guests at a 4-star hotel in Austria were locked out of their rooms earlier this month after the hotel was hit with ransomware, according to The Local, an Austrian media outlet.
Hackers reportedly breached the hotel’s electronic key system and prevented the system from working, though hospitality news site Allgemeine Hotel- und Gastronomie-Zeitung, said nearly all the hotel's guests were on the ski slopes when the incident occurred.
The Romantik Seehotel Jaegerwirt paid the 1,500 EUR ransom. Managing Director Christoph Brandstaetter said: "The house was totally booked with 180 guests, we had no other choice. Neither police nor insurance help you in this case.”
Hotel management said that they have now been hit three times by cybercriminals and have taken their systems offline to conduct security improvements. New key cards could not be programmed during the attack.
The attack demonstrates how hackers are getting more savvy about whom they attack and how. Though the FBI and many other agencies have warned businesses not to cave in to ransomware demands, in some cases, businesses have found it necessary when lives are in potential danger or when the situation creates a serious imposition for customers. In cases like the hotel ransomware, organizations might be able to revert to a less electronic system. However, that is not always the case.
Last February, Hollywood Presbyterian Medical Center in Los Angeles paid the equivalent of $17,000 in bitcoins to a hacker to regain control of its computer systems. The attack delayed everything from lab work to CT scans.