Weekly Tech Roundup — February 6
Disaster struck last week, and the victims ranged from everyday users to large organizations. Valuable data was lost, operations were shut down, and some people were even affected physically after a ransomware attack took control of the electronic locking systems at an Austrian hotel.
This week’s tech roundup is full of stories that detail the horrors of failed data protection. Are you making the same mistakes?
Ransomware locks hotel guestroom doors
Picture this — you’re heading back to your hotel room after a long day of skiing, but when you get to your door, your key card fails. Now imagine going down to the front desk only to be told that they have no way to unlock your door due to ransomware taking control of their systems. What do you do?
This was a reality for guests at a luxury hotel in Austria.
According to Digital Trends, the Romantik Seehotel Jaegerwirt hotel in Turracher Höhe, Austria was forced to pay $1,600 in bitcoin after a ransomware attack compromised their systems. The attack affected the electronic key network and left people without access to their rooms.
The attack shut down the network for 24 hours and forced the hotel to switch over to a separate internal system to lock and unlock doors.
This is not the first time this hotel was hit by ransomware. Last summer, it was hacked as well and had to pay thousands of euros in IT costs. After paying the ransom in the most recent attack, servers were fully restored.
Going forward, however, the Romantik Seehotel Jaegerwirt hotel is taking data protection more seriously. They’re limiting their reliance on a digital network to control their locking system, for starters, returning to traditional mechanical locks and keys.
Considering this isn’t the hotel’s first attack, a comprehensive backup solution with integrated disaster recovery measures would ensure maximum protection in the future.
Netflix scam tricks users into downloading ransomware
Pirating movies and television shows just got more dangerous.
Windows PC users attempting to circumvent paying for a Netflix subscription by signing up for alternative free websites are being hit by ransomware, Dark Reading reports.
The ransomware takes root after a login window pops up, asking users to create an account. As the user begins filling out the login fields, the malware starts encrypting. Once encryption has finished, the cybercriminals demand $100 in bitcoin from victims who want their data back.
"We regularly see threat actors utilize popular apps or services as a lure to get victims to infect themselves," said Global Director of Threat Communications at Trend Micro Jon Clay. "We will likely see other popular vendors targeted with their brands, especially if the actors behind [the Netflix scam] find success. They will use this tactic again with other vendors," he continued.
This specific ransomware targets users of Windows 7 or Windows 10; on other versions of Windows, the ransomware ultimately destroys itself.
To ensure you don’t lose valuable data in the same way, it’s important that you back up your devices regularly. It is also important not to put your data at risk by creating logins on suspicious sites without proper data protection.
Netgear routers open to password authentication bypassing
Your network routers aren’t as safe as you think they are.
If you’re using certain Netgear routers, your network could be at risk, Trustwave reports.
Two vulnerabilities in Netgear routers were uncovered by accident when one user tried hacking into his own network router. When his Netgear VEGN2610 router lost its connection to the internet, he tried getting creative to reconnect it.
While fiddling with web server parameters, he found that authentication bypass was possible.
A few alterations to the Netgear authentication code gave this user the opportunity to access password credentials with extreme ease. With a little bit of internet research, he found two publicly disclosed exploits in various models.
These findings were sent in April 2016 to Netgear, which responded with an advisory of 18 vulnerable models. In later months, even more vulnerable devices were made public and corrected.
What’s so astonishing about these vulnerabilities is how many models were affected—the network router is supposed to be the first and last line of defense against attack. This vulnerability would make hacking into a user’s network quick, easy, and highly profitable. It also gives hackers access to passwords that may be used to protect other systems—leaving data highly vulnerable.
With findings such as these routinely popping up, it’s vital that your data protection strategy is comprehensive and complete.
Cockrell Hill Police Department loses eight years’ worth of evidence
A server compromised by ransomware caused a Texas police department to lose eight years’ worth of important evidence data, according to The Register.
The infection originated in an email using a cloned department-issued address. The hackers then demanded 4 bitcoin as a ransom payment, which equals about $3,600.
The department immediately turned to its backup solution, but found that it didn’t have backups that could be quickly restored.
The Cockrell Hill Police Department then turned to the FBI, which told them that there was no guarantee that their criminal extorters would actually deliver the decryption key necessary to recover their files. Instead, the police department set out to wipe the encrypted files from the system, which took the eight years of criminal evidence with it.
The data lost includes Microsoft Office documents, body camera video, in-car video, in-house surveillance video, and photographic evidence.
The ransomware variant that infected these systems is known as Osiris, and was first spotted in December.
Ohio county government shut down by data loss
Government offices in Licking County, Ohio were shut down after ransomware compromised their servers, International Business Times reports.
The attack was discovered last Tuesday after officials were unable to access the internet or their phones. It is still unclear how this ransomware entered their servers.
Departments including the police department and the county auditor’s office were affected, forcing officials to work offline throughout the week. People could still call 911 in the case of emergency, but emergency operators were forced to work manually without the support of their usual computer systems.
All county departments were taking a major hit after this attack. Applications could not be processed, and neither could some calls like those to Job and Family Services. Departments began bringing in laptops to try and speed up the manual process of documentation.
There is no word yet on whether or not the county will pay the ransom for this attack, but it’s apparent that this incident is taking its toll.