The start of 2020 saw most people celebrating the start of a new year and a new decade. For worldwide currency company Travelex, it was the beginning of a cyber security nightmare that shut down their IT systems. If you go on their website, you will be greeted with the following message: “We're sorry but our online travel money service isn't available right now.”
Travelex’s woes have been widely publicised across the world as the repercussions of their situation haven’t just been felt by holidaymakers trying to exchange currency, but businesses such as Tesco, Sainsbury’s and other outlets who use the company to trade money in our high streets.
It was a very calculated attack with hackers supposedly infiltrating the Travelex IT system in mid-2019. They lay dormant while they monitored the system and collected information before initiating a full cyber-attack to bring down the Travelex system from the inside.
The hackers used a malware threat called Sodinokibi, also referred to as REvil, which interfered with Travelex’s IT systems in 70 countries. The hack affected their internal ordering system, which is used by other businesses, rendering its whole operation as hazardous.
The sophisticated method of attack has placed malware into the spotlight once again. Most people remember the NHS ransomware incursion of 2018 and the effect it had on appointments. The hackers in this case demanded a fee of $5 million from Travelex to decrypt the data or they would release more than 5.5 million customer records on the internet.
What about the security software?
While the Travelex cyber-attack might seem like a one-of-a-kind incident, industry experts estimate there are more than 65,000 cyber-attacks across the UK every day. These range from large city businesses to small offices and sole traders that may already have invested in on-site security software.
The Travelex hackers utilised the simplest method of entry via an email. Malware can be activated through an attachment on an email, a link on a website or stored in an unauthorised USB stick. Even though most businesses have some form of security that protects their devices, is there anything else can you use to protect your business?
Add another layer of filtering protection in the cloud
One of the most effective we have found is cloud security. This stops the threat before it even enters your business and is becoming a favourable addition to other business security tools. It works with anti-virus software and firewalls to provide an additional layer of protection by monitoring all incoming web traffic before it gets anywhere near your network and filters out all the threats in real-time. It blocks malicious and unwanted domains, suspect IP addresses and cloud applications before they connect with your network.
Find out why more businesses are moving to cloud security and filtering products or for more information please contact me directly.