UK-based IHG operates 6,000 hotels around the world. Last week customers reported widespread problems with booking and check-in. After initially reporting they were undergoing system maintenance, IHG confirmed to investors that it had suffered a cyber attack.
The hackers from Vietnam contacted The BBC via an encrypted messaging app.
The attackers confirmed they originally planned it to be ransomware. But the IT team isolated servers to stop it. The hackers then performed a wiper attack for fun. A type of cyber-attack that destroys data, documents, and files.
These attacks are on the rise, and the unrepentant response from the attackers is shocking. The hackers gained access to IHG’s internal IT network by tricking an employee into downloading a malicious piece of software through an email attachment. They also gained access to their internal Outlook emails, Microsoft Teams chats and server directories.
They also had to bypass an additional security prompt message as part of a two-factor authentication system. But gaining access to the most sensitive parts of the computer system was made easy for the attackers because of an extremely weak password, available to all employees via a password vault.
While IHG disputes their password vault was secure, GHM urges businesses of all sizes to ensure employees know how to spot phishing emails, deploy a two-factor authentication system, and set up complex passwords.
Cyber attacks can happen to businesses of all sizes. GHM provide free IT security checks – for further information, contact us on 01865 36711.