BOYNE FALLS — Boyne Resorts’ online systems were hit by a ransomware attack last week that forced it to shut down parts of its network, according to multiple reports.
It is the latest in a series of ransomware attacks involving the travel industry.
Travel in 2019 became the second-most-targeted industry by cybercriminals, according to technology news website SiliconAngle. The financial industry remains the most-targeted.
Ransomware is malicious software that encrypts computer files, making them unusable. The attacker then demands ransom, and in exchange promises to decrypt the files.
Technology news website Bleeping Computer first reported the Boyne Resorts attack, and said it affected the company’s corporate offices, then spread into the company’s information systems.
Boyne Resorts posted this notice on its website:
“Boyne Resorts recently became aware of a potential security incident impacting some of our systems. In response, we immediately took our systems offline, initiated an investigation, engaged a third-party cybersecurity firm to assist with our response and notified law enforcement. Our IT team is currently working around the clock to repair the affected systems and services and bring them back online safely. Our investigation remains ongoing to determine the scope of the incident. We are committed to working with our partners, law enforcement and customers to address any issues and continuing to enhance the security of our systems.”
The notice remained in place Monday.
A Boyne Resorts spokesperson responded to a request for an update said that statement still applies, but added that its properties have been taking reservations via telephone since late last week.
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Oct. 1 issued a warning that organizations making ransom payments could be sanctioned if their actions violate OFAC regulations.
The ransomware used against Boyne is known as WastedLocker, according to Bleeping Computer. The same attack was used in July against global positioning system company Garmin.
According to Bleeping Computer, security firms attribute WastedLocker to a Russian-based hacking group known as Evil Corp. The group has been active since at least 2007 and is known for developing the Dridex malware and the ransomware BitPaymer.
The U.S. Treasury Department in December 2019 sanctioned Evil Corp for causing more than $100 million in financial damages.
Boyne Resorts is based in Boyne Falls and Petoskey.
It has 11,000 employees at resorts in Maine, Michigan, Montana, New Hampshire, Tennessee, Utah, Washington and British Columbia. In Michigan, it operates Boyne Highlands, Boyne Mountain, Boyne Country Sports, Avalanche Bay Indoor Waterpark and Inn at Bay Harbor — Autograph Collection.