Hackers Targeting Hotel Ransomware Attacks

Imagine it’s check-in or check-out time at your hotel on a Saturday right before a holiday and the entire computer system is locked. Kaput.

Smiles and sorrys aren’t doing the trick. The “server reboot to the rescue” doesn’t get business up-and-running.  In fact, it turns out that your software has been attacked by ransomware—a nasty cyber extortionist that demands money in order to unlock your computer.

Hotel guests are waiting (not patiently). Do you quickly fork over hundreds or even thousands to the hacker? Or do you try to de-bug (which could take a significant amount of time) to see if you can avoid paying the ransom?

Ransomware attacks skyrocketed in 2016, according to an Insurance Journal report. Beazley data breach stats reported more attacks in July and August of 2016 than during all of 2015. A recent article in Wired cited $24 million paid out to cyber hackers in 2015. And that’s not including those who didn’t report their attacks to the FBI and the costs of disinfecting machines afterward.

Institutions that rely on data are at high risk. Ransomware attacks are increasing in the financial, retail, and hospitality sectors. Like many things, the best protection comes proactively, before an attack occurs.

Here are some tips to guard against the most rancid hotel ransomware attacks:

  1. Daily data backups. That’s right, every day. Cloud services will ensure that you can access your data no matter how it is comprised. An external hard drive also suffices for backups, but make sure it is NOT connected to the server or other computers after the backup is completed, because if it is, the backup could get encrypted, too.
  2. Don’t click on links in e-mails that look suspicious. It may say it’s from your friend, but if it’s at all questionable, don’t click on the link. It could spread the malware to your computer.
  3. Same goes for ads—make sure your computers have ad blockers so “malvertising” doesn’t catch you or an employee off guard.
  4. Keep third-party plug-ins (like Java and Flash) up-to-date to prevent malware from using known vulnerabilities to get in.
  5. KnowBe4 offers a manual for dealing with the aftermath of a ransomware attack.

There are a lot of things we have to pay for. Ransom shouldn’t be one of them!