Nordic Choice Hotels Ransomware: Keep Calm…We’re Running As Fast As We Can

“We’ve got a problem. Keep calm. We’re running as fast as we can…” 

Nordic Choice Hotels Group sent this message in an email to program members after its IT systems were hit by the Conti ransomware group on the evening of December 2. 

Nordic Choice Hotels is one of the biggest hospitality groups in Scandinavia. The Scandanavian chain has 200 hotels in Scandinavia, Finland, and the Baltics. The chain includes the well-known Comfort, Quality and Clarion brands, and employees 16,500 people. (Nordic Choice Hotels is based in Norway, known for being the 14th most peaceful nation in the world with a very low crime rate.)

A release with information for guests on the virus attacks published on the Nordic Choice Hotel website on Monday describes the attack shutting down systems for booking, check-in, check-out, payment and creation of new room keys. Hotel key cards were rendered out of service by the attack. There was no access to booking systems, except in “Guest” mode. 

There has been no ransom demand yet and the staff switched to manual procedures to carry out business operations. Members are currently unable to log in to their Nordic Choice Hotels accounts to book and manage reservations or apply reward points, although it remains possible to book stays without being logged in.

The Nordic Choice Hotels Ransomware attack feels like a “fender bender”.  They appear to have avoided a total loss (i.e.; a full-blown ransomware attack), with some forms of damage still being inflicted.

While it’s too soon to tell if their collision avoidance was good planning or good fortune, it underscores the importance of business continuity and resilience.  Although reverting to manual processes is never a pleasant option, it’s sometimes necessary to continue operations.

With recovery efforts still underway, it’s a good opportunity to shift focus on the soft targets (the customers).  There are multiple items to consider related to physical and digital security at hotels, but here is a simple, yet effective tip we often lose sight of.  Use a VPN when connecting to untrusted networks!  I realize I’m being “Captain Obvious” in this example, but nevertheless, it’s true.

Like it or not, most of us (myself included) are digital sloths.  Just one extra password or pin, just one extra mouse click to protect ourselves is sometimes a bridge too far, therefore we revert back to our bad habits.  The VPN space is full of low or no-cost solutions. Find one that works for you and practice good cyber habits (particularly in public) to avoid colliding with bad actors.

Looking for more good cyber habits? Read these recent posts on the Port of Houston Cyberattack and the Robinhood Data Security Event.

Blog Footer Cybersecurity