This website collects cookies to deliver better user experience. Cookie Policy
Accept
Sign In
The Wall Street Publication
  • Home
  • Trending
  • U.S
  • World
  • Politics
  • Business
    • Business
    • Economy
    • Real Estate
    • Markets
    • Personal Finance
  • Tech
  • Lifestyle
    • Lifestyle
    • Style
    • Arts
  • Health
  • Sports
  • Entertainment
Reading: Inside a Ransomware Hit at Nordic Choice Hotels
Share
The Wall Street PublicationThe Wall Street Publication
Font ResizerAa
Search
  • Home
  • Trending
  • U.S
  • World
  • Politics
  • Business
    • Business
    • Economy
    • Real Estate
    • Markets
    • Personal Finance
  • Tech
  • Lifestyle
    • Lifestyle
    • Style
    • Arts
  • Health
  • Sports
  • Entertainment
Have an existing account? Sign In
Follow US
© 2024 The Wall Street Publication. All Rights Reserved.
The Wall Street Publication > Blog > Tech > Inside a Ransomware Hit at Nordic Choice Hotels
Tech

Inside a Ransomware Hit at Nordic Choice Hotels

Editorial Board Published January 12, 2022
Share
Inside a Ransomware Hit at Nordic Choice Hotels
SHARE

Nordic Choice Hotels, a chain with more than 200 hotels across Scandinavia and the Baltic countries, is still dealing with technology problems and the fallout from a data leak after a Dec. 1 ransomware attack.

Contents
Kari Anna Fiskvik, vice president of technology at Nordic Choice HotelsNewsletter Sign-upWSJ Pro CybersecurityOtto Johansson, service crew manager, tracks room status manually at the Quality Hotel Winn in Gothenburg, Sweden.Rasmus Stridh Halvorsen, an employee at Hotel Xpress Central Station in Oslo, learns how to use Google’s Chrome products in the aftermath of a December ransomware attack.

Immediately after the incident, the company shut down corporate computers, check-in desks and machines such as music systems, and disconnected computers from the internet, said Kari Anna Fiskvik, Nordic Choice’s vice president of technology.

Kari Anna Fiskvik, vice president of technology at Nordic Choice Hotels

Photo: MAIA HANSEN/A-I-AM

Hotel staff recorded check-in details with pens and paper, and escorted guests to their rooms because digital keycards didn’t work, Ms. Fiskvik said. Just as hackers struck, hotel business was booming again after long pandemic-related lockdowns.

“We were a good target because we were tired already,” she said.

More than five weeks after hackers hit, glitches continue in machines that provide heating, music and other services, she said.

Nordic Choice, an independent franchisor of Rockville, Md.-based Choice Hotels International Inc., operates hotels in Norway, Sweden, Denmark, Finland and Lithuania. A spokesperson for Choice Hotels International said there is no indication the attack affected its technology systems.

An investigation found that hackers had infiltrated Nordic Choice’s systems 36 to 48 hours before launching the attack through a phishing email that appeared to be sent by a tour operator in frequent contact with the company, Ms. Fiskvik said.

Ransomware attacks are increasing in frequency, victim losses are skyrocketing, and hackers are shifting their targets. WSJ’s Dustin Volz explains why these attacks are on the rise and what the U.S. can do to fight them. Photo illustration: Laura Kammermann

Newsletter Sign-up

WSJ Pro Cybersecurity

Cybersecurity news, analysis and insights from WSJ’s global team of reporters and editors.


A hotel employee thought the message was legitimate and clicked on a malicious link, she said. Hackers then took out most of the hotelier’s antivirus systems and copied data from local Windows files, she added.

Once inside the hotel’s network, the hackers deployed ransomware known as Conti—the same strain that has crippled a number of corporate victims in recent months, plus Ireland’s public healthcare system in 2020.

The Retail and Hospitality Information Sharing and Analysis Center, a nonprofit group that facilitates the exchange of information about cyber threats, had warned members in October about increased ransomware attacks. Retailers and hoteliers should take security precautions such as using multifactor authentication for web-based mail applications and other critical systems, RH-ISAC urged.

Hackers left a message on Nordic Choice computers about how to contact them to decrypt locked data, but didn’t name a ransom amount. The company didn’t plan to talk to the attackers or pay a ransom, Ms. Fiskvik said. Last week, however, she discovered that someone had replied to the hackers in late December, when tech systems were restored, despite warnings from her team not to, prompting the hackers to demand $5 million. Still the company didn’t pay.

Ms. Fiskvik doesn’t know who made contact but it could have been anyone with access to the ransom note, which was available on all hotel computers, she said, adding that she reported the communication to police.

Otto Johansson, service crew manager, tracks room status manually at the Quality Hotel Winn in Gothenburg, Sweden.

Photo: DAN BERGSTEN/QUALITY HOTEL WINN

The morning after the attack, Nordic Choice operations and tech teams set up a crisis team and decided to fast-track an existing plan to switch from Microsoft Corp.’s Windows system to Alphabet Inc.’s Google Chrome products. Before the attack, Ms. Fiskvik’s team had planned to convert thousands of hotel computers and service machines from Windows to Chrome as part of a sustainability initiative. She moved up the migration as a way to help recover operations. Technicians didn’t need to visit hotels to collect and clean computers, she said.

The team converted the first computer within 24 hours of the attack, and restored operations at the first hotel within 48 hours, running bookings and check-ins on Chrome. The group migrated around 2,000 computers in 212 hotels within two days, saving weeks of work, she said.

Replacing or changing technology after a cyberattack can be tricky and may introduce new security problems, said Bryon Hundley, vice president of intelligence operations at RH-ISAC.

Rasmus Stridh Halvorsen, an employee at Hotel Xpress Central Station in Oslo, learns how to use Google’s Chrome products in the aftermath of a December ransomware attack.

Photo: Majken Helén Evensen

The victim company is already in a vulnerable position, Mr. Hundley said, and experts need to test several security aspects, such as multifactor authentication and identity management on the new products. “There are so many complexities to rolling out these technologies, assuring they work and still maintaining a good customer experience,” he said.

As Nordic Choice worked to recover tech systems, hackers posted personal data about employees on the dark web, including details about their bank accounts and government-issued identification numbers. At the time, they claimed the published data was 10% of what they stole.

A few days later, they posted more information, saying it was 20% of the total.

The company held virtual meetings to inform employees about the dark-web posts and has been instructing managers about how to help affected individuals protect themselves from identity theft. “It was definitely very hard on our employees to know that data about them was out on the web, public to anyone with a link,” Ms. Fiskvik said.

Hackers didn’t access systems with customer information, she said.

Nordic Choice informed Norway’s data protection regulator of the data leaks and continues to monitor the dark web, she said. Companies are required to quickly notify regulators about a breach of personal data under Europe’s General Data Protection Regulation privacy law.

Ms. Fiskvik’s team is developing a short cybersecurity training program to teach employees about hacking threats in a way that is easy to digest, such as weekly lessons on how to recognize malicious links or understand other threats. “Most people just can’t keep up. It’s just not what they know. We’re hoteliers, we’re not tech experts,” she said.

Write to Catherine Stupp at [email protected]

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

TAGGED:Tech NewsWall Street Publication
Share This Article
Twitter Email Copy Link Print
Previous Article ‘No Time to Die: Collector’s Edition’ 4K Ultra HD movie review ‘No Time to Die: Collector’s Edition’ 4K Ultra HD movie review
Next Article Kazakhstan Blames Violent Protests on Criminals; ‘It Was Hell’ Kazakhstan Blames Violent Protests on Criminals; ‘It Was Hell’

Editor's Pick

Yanin Campos Reason for Loss of life: MasterChef Star Gone at 38

Yanin Campos Reason for Loss of life: MasterChef Star Gone at 38

Studying Time: 2 minutes Yanin Campos — who appeared on season 4 of the cooking competitors collection MasterChef — was…

By Editorial Board 2 Min Read
8 Most Snug Males’s Costume Pants for Each 2025 Fashion | Fashion
8 Most Snug Males’s Costume Pants for Each 2025 Fashion | Fashion

We independently consider all beneficial services and products. Any services or products…

19 Min Read
‘I feel like it’s my responsibility’: How Palo Alto native, former NBA standout Jeremy Lin is guiding the subsequent wave of Asian American basketball gamers
‘I feel like it’s my responsibility’: How Palo Alto native, former NBA standout Jeremy Lin is guiding the subsequent wave of Asian American basketball gamers

PALO ALTO — Jeremy Lin cringes just a little bit when he…

13 Min Read

Oponion

Tesla, Ford and GM Raise EV Prices as Costs, Demand Grow

Tesla, Ford and GM Raise EV Prices as Costs, Demand Grow

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved…

June 26, 2022

WHO: Use low sodium salt to cut back coronary heart assault danger | India Information

NEW DELHI: In a renewed effort…

February 11, 2025

Girl Scouts introduce new cookie, hybrid sales for 2022 season

The Girl Scouts are returning to…

January 13, 2022

Miss Manners: If the marriage is on a weekday afternoon, do they actually need us there?

DEAR MISS MANNERS: My husband and…

December 11, 2024

San Jose instructing assistant arrested on suspicion of possessing inappropriate photographs

SAN JOSE – A instructing assistant…

March 6, 2025

You Might Also Like

Your Out of doors Air High quality Monitor May Result in Safer Air for Everybody
Tech

Your Out of doors Air High quality Monitor May Result in Safer Air for Everybody

It wasn’t that way back that few individuals had been monitoring the air—not the federal government, not its residents. At…

7 Min Read
Our Sleep Knowledgeable Will Assist You Discover the Finest Coloured Noise for Slumber
Tech

Our Sleep Knowledgeable Will Assist You Discover the Finest Coloured Noise for Slumber

As an authorized sleep science coach and mattress tester of 5 years, I am no stranger to soothing noises being…

7 Min Read
I Wrote This Whereas Trotting On a Dozen Totally different Strolling Pads
Tech

I Wrote This Whereas Trotting On a Dozen Totally different Strolling Pads

Sitting at your desk all day is actually a ache. It’s unhealthy on your psychological and bodily well being and…

6 Min Read
Find out how to Preserve Your Outside Griddle From Rusting
Tech

Find out how to Preserve Your Outside Griddle From Rusting

OK, so you have obtained a yard griddle. Congratulations, it is slightly like becoming a member of a cult—albeit one…

4 Min Read
The Wall Street Publication

About Us

The Wall Street Publication, a distinguished part of the Enspirers News Group, stands as a beacon of excellence in journalism. Committed to delivering unfiltered global news, we pride ourselves on our trusted coverage of Politics, Business, Technology, and more.

Company

  • About Us
  • Newsroom Policies & Standards
  • Diversity & Inclusion
  • Careers
  • Media & Community Relations
  • WP Creative Group
  • Accessibility Statement

Contact

  • Contact Us
  • Contact Customer Care
  • Advertise
  • Licensing & Syndication
  • Request a Correction
  • Contact the Newsroom
  • Send a News Tip
  • Report a Vulnerability

Term of Use

  • Digital Products Terms of Sale
  • Terms of Service
  • Privacy Policy
  • Cookie Settings
  • Submissions & Discussion Policy
  • RSS Terms of Service
  • Ad Choices

© 2024 The Wall Street Publication. All Rights Reserved.

Welcome Back!

Sign in to your account

Lost your password?