Motel One, a prominent hotel chain in Europe, recently experienced a ransomware attack, resulting in unauthorized access to customer data. The hotel is recognized for its budget-friendly accommodations and operates a network of 90 hotels across Europe and the United States.
The hotel has assured that the impact of the attack was kept to a bare minimum.
Nevertheless, it has been confirmed that the attackers were able to access specific sensitive customer credentials, including address details and the information associated with 150 credit cards.
Prior to the hotel's official statement concerning the attack, the company's name appeared on the dark web leak site associated with the ALPHV ransomware gang.
The group has stated that they successfully obtained several terabytes of data from the company, notably encompassing portions of customer information.
Additionally, TechCrunch company has gained access to a segment of this data, as claimed by the ransomware gang, which is purported to contain details of both employees and specific customers.
What measures we can take against ransomware attacks?
1. Extensive research underlines that a significant portion of cyberattacks find their roots in phishing emails. However, through ongoing education and training in social engineering tactics, we have the power to effectively decrease the likelihood of a data breach by as much as 70%.
2. Insufficient software updates significantly contribute to cybersecurity breaches. It is imperative to uphold a thorough system inventory, conduct comprehensive vulnerability assessments, and apply patches promptly and consistently.
3. Promote a practice of not reusing passwords and encourage regular password changes among employees. Employing browser-based password managers can be a beneficial tool. The implementation of MFA provides an additional level of user validation and authorization.
4. Incorporating backups into your risk management and contingency strategies is paramount. Regularly testing and keeping backups isolated from the primary network are critical measures. It's worth noting that while backups are invaluable, they may not always provide complete protection against extortion attempts in the event of a ransomware attack.
5. Being prepared for unexpected events is essential. A thoroughly rehearsed incident response plan, when coupled with the deployment of endpoint detection and response (EDR) tools, empowers businesses to adeptly handle cyberattacks, lessen the repercussions of a security incident, and accelerate recovery initiatives.
Additionally, in the event of a ransomware attack, it's crucial not to give in to the extortionists' demands. Instead, we strongly advise reaching out to your local cybersecurity authority, Cyber Watch officers, or the Internet Crime Complaint Center. Remember, paying the ransom will only embolden further ransomware criminal activity.