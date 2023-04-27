LACONIA — Gift cards and the rewards program are not currently available to patrons of T-Bones Great American Eatery and Cactus Jack's, thanks to a crippling ransomware attack.
“We’re not able to issue any points or redeem any rewards,” said Tom Boucher, chief executive officer of Great NH Restaurants, which owns Cactus Jack's and T-Bones. “This has been going on for two-and-a-half weeks now. It’s not good.”
The ransomware attack is on the point-of-sale system, provided through a national vendor.
According to Boucher, his company has $2 million outstanding in gift cards.
On April 12, NCR Corporation, which owns the Aloha POS system used by Great NH Restaurants and countless other businesses, suffered a ransomware attack at one of their data centers.
Ransomware is the practice of using hacking techniques to take data hostage. During a ransomware attack, a target will start losing access to services or information on their compromised network. Once locked out, the victims are contacted by the hackers, who demand payment in return for a digital key to restore access.
In the last few years, such attacks have become increasingly commonplace, affecting individuals, schools, businesses, government sites and even hospitals.
In 2021, the hacker group DarkSide carried out a ransomware attack on the Colonial Pipeline, crippling its operation. Darkside demanded $4.4 billion in cryptocurrency in return for operational capabilities. The company obliged, and fortunately later had its ransom retrieved by the FBI.
However, the shutdown of the pipeline network resulted in panic buying and fuel price spikes that were already rising, causing lasting economic damage.
The stakes are not as high in the case of the NCR breach, but are still causing extensive problems for businesses statewide and in the rest of the country.
In addition to the rewards and gift card programs, NCR’s service is used for administrative tasks like payroll and online ordering, but in the case of Cactus Jack's and T-Bones, it appears only to be affecting the gift card and rewards program. Customers are still able to purchase meals.
“At the beginning we thought it’s no big deal," Boucher said. The systems have gone down "before, but the fact that all 10 of our restaurants went down on the same day and continued into the weekend.”
It wasn’t just Boucher’s restaurants that are paying the price.
“There’s 100,000 businesses across the country that have been affected by this,” Boucher said. “The public, they didn't know about it. It’s been very difficult for our customers, in that they’re able to come in, and [then] they can’t redeem their gift card that someone gave them, and they are frustrated and I don't blame them.”
For Boucher, NCR’s lack of transparency early on in the matter added to his own frustrations.
“All they communicated to us is, 'Our system is down, we’re working on it,'” Boucher said. “That was on Friday. On Saturday, I said, ‘I can’t believe our system is still down.’”
Boucher had to find more information himself by wading through Twitter. It wasn’t until April 17 that the company announced the outage was due to a ransomware attack.
“Upon such determination, NCR immediately started contacting customers, enacted its cyber security protocol and engaged outside experts to contain the incident and begin the recovery process,” wrote NCR’s media contact, Scott Sykes, in a press release. “The investigation into the incident includes NCR experts, external forensic cyber security experts and federal law enforcement.”
NCR has yet to disclose the exact amount demanded in ransom, or the identity of the hackers. Some outlets report that the criminal hacking group BlackCat claimed responsibility. The group is believed to have been formed in 2021. Despite its age, BlackCat has gained notoriety for attacks throughout the U.S., Europe, and portions of Asia. According to research conducted by cyber security company Trend Miro, a vast majority of the group’s targets have been in the U.S.
Boucher said he has been in touch with Gov. Sununu, the Attorney General’s Office, the commissioner of Business and Economic Affairs and the state’s Lodging and Restaurant Association regarding this matter.
It’s not yet clear when the issue will be resolved, but Boucher said he hopes to make things right with his customers, and believes NCR should answer as well. He also said the company would consider using a different POS going forward, but that is not an easy process.
“That’s not like switching cell phone carriers,” Boucher said of the complex transition. “I’m not even entertaining that idea right now.”
