Key lessons from the Travelex ransomware attack

Hacker involved in ransomware
A ransomware attack at the start of this year caused major disruption for currency provider Travelex. What lessons can be learned from this for other businesses?

Security concerns should be a top priority for all businesses today, but 2020 was barely a few hours old when news broke of another major firm falling victim to a hacking attack that left it struggling to cope.

Early last month, travel money provider Travelex admitted it had been targeted by a ransomware attack that locked it out of key IT systems unless it paid a seven-figure ransom.

The impact of this was still being felt weeks after the incident started, with it taking until almost the end of the month for services to start being restored. Therefore, the incident should serve as yet another reminder to other businesses of the importance of strong security and the risk they may face if there are any shortcomings in the area.

But as well as this, what specific lessons can other firms take from this attack that they can apply to their own operations? Here are three key takeaways.

1. Ransomware must be taken seriously

The Travelex hack is far from the first time ransomware has left organisations struggling to operate. In 2018, the WannaCry malware left many NHS trusts unable to access key resources, eventually costing it around £92 million. Meanwhile, in the US, local authorities have proven to be especially lucrative for hackers, with many targets feeling they have no choice but to pay up in order to restore essential civic services.

What these cases, and now the new hack, show, is that ransomware can have a crippling impact on any business. In Travelex’s case, it’s been reported staff were required to hand over their laptops and resorted to using pen and paper to serve customers, highlighting how this type of attack can take entire businesses out of action. 

In many cases, it may prove impossible to retrieve hacked data without paying a ransom, which is why any security strategy must have a comprehensive plan for dealing with this specific type of attack.

2. Patching matters

It’s been suggested that the ransomware that affected Travelex gained entry through known vulnerabilities in the VPN service the firm used to allow staff to access its network remotely. According to Computer Weekly, the company had not patched this service for more than eight months prior to the attack, despite updates being available to close these vulnerabilities since April 2019.

Keeping up-to-date with patches is still the best way to counter many of today’s cyber threats – yet it’s something many firms are failing to do. And if this proves to be the case with Travelex, the disruption could have been easily avoided. In fact, research by Bulletproof Security warns 50 per cent of critical to high-risk flaws involve outdated components, so cracking down on this area must be a top priority for all firms.

3. The importance of securing your supply chain

Another reason why the recent attack was so damaging was that its effects were felt far beyond the initial target. For instance, high street banks including Barclays, HSBC and Royal Bank of Scotland were all left unable to serve customers, as their consumer foreign exchange services relied on Travelex, and they were still reporting problems with processing orders more than three weeks after the initial attack.

In today’s environment, where systems from different companies are so interconnected, it’s vital for all businesses to have a comprehensive view of their IT estate, including any third-party services they use and any external companies that have access to their data. 

Even if you have strong security plans in place, can you say the same for all your suppliers and partners? These questions need to be raised whenever agreements between firms are being made or renewed. 

We can help your business! Contact Arrow Now

About Us

With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.

Contact Form