Recent reports that the luxury lakeside hotel in the Austrian Alps, Romantik Seehotel Jägerwirt, was hit with ransomware which locked the guest in their rooms turns out to be false.

The hotel was hit by ransomware, which the hotel paid, but no guest were either locked out of their rooms. The owner of the hotel, Cristoph Brandstaetter, told Motherboard that, “This is totally wrong, it was just a normal cyber-attack and no guests were locked in.” International law dictates that all hotels with electronic locks are made to be opened from the inside in case of system failure.

However, the ransomware did lock the hotel out of their computer systems and demanded a ransom of €1500 (£1300) which the hotel paid.

The hotel had 180 guests at the time of the attack and none were affected by the ransomware. However, incoming guests were unable to register due to the system being down.

The hotel was forced to pay the ransom when help from the police failed. “The police told us that we are one of many companies hacked recently,” Brandstaetter said. “They are trying to figure out who made the cyber-attack.”

Commenting on the state of ransomware, Gunter Ollmann, CSO of Vectra Networks said: “Organisations that pay to release their encrypted files may be repeatedly held hostage with new periodic ransomware attacks - often by the same attackers. While some may find it humorous to read commentary from the first generation of ransomware authors stating ‘it was the victim's own fault for not having invested in their security,' today's professional hackers plan to distribute ransomware within their historical paying ‘customers' as they already know the network and know what pressures they can apply to guarantee payment.”

Source:SCMagazine