Boyne Resorts suffered a ransomware attack by the WastedLocker operation that impacted the company-wide reservation systems.
Boyne Resorts owns and operates lakeside resorts, mountains, ski areas, golf resorts and attractions spanning from British Columbia to Maine. Many of these properties are situated on well-known ski mountains, including Big Sky, Montana, Sugarloaf, Montana, Maine, Tennessee and Utah.
Initially, the ransomware breached the corporate offices and then moved laterally, targeting the IT systems of the resorts they operate. The company was forced to shut down portions of its network to prevent the spread of ransomware.
The company-wide reservations are impacted by the attack. The company customers are not able to book lodging at the resort, including the online reservation systems at each hotel’s website. It is unclear for how long the reservation systems are to be down.
The company immediately initiated an investigation, engaged a third-party cybersecurity firm to assist with our response and notified law enforcement.
“We are committed to working with our partners, law enforcement and customers to address any issues and continuing to enhance the security of our systems, ” Boynr Resorts said in a statement.
“Our investigation remains ongoing to determine the scope of the incidental.”
According to Bleeping Computer, the ransomware hitting Boyne’s network is called WastedLocker. This is the same ransomware that hit GPS company Garmin in July. The security experts link WastedLocker t a Russian hacking group called Evil Corp.
The ransomware encrypted files and renamed their filenames by adding the “.easy2lock” extension.
US authorities do not allow ransom payments to WastedLocker; this means that Boyne Resorts could face severe sanctions if it pays the ransom.