Cyber Attack + COVID-19 spells disaster for Travelex :(
Currency exchange firm, Travelex has been forced into administration following a ransomware attack in December 2019. The footprint from the cyber-attack combined with the impact of the COVID-19 pandemic this year has driven the company into bankruptcy, with over 1000 jobs set to go.
On New Year’s Eve, Travelex was hit by a Sodinokibi (REvil) ransomware variant, taking down its website and impacting its stores and banking services for over two weeks. Following the devastating attack, Travelex reportedly paid a ransom of $2.3 million in bitcoin.
What is Sodinokibi?
Sodinokibi is a RaaS (ransomware-as-a-service) model that was discovered in April 2019. It is also known as ‘REvil’. It uses known security vulnerabilities and phishing campaigns to gain illegal access to the victim’s machine. The malware then elevates its user rights in order to access all files on the system with no restrictions. Next it encrypts the files and destroys everything the user’s backup folder. The hacker then demands a ransom in exchange for a decryption key which can be used to regain access to the locked-down files.
How can you protect your business against Sodinokibi and other ransomware attacks?
Sodinokibi affiliates seem to concentrate their attacks on larger companies where they ask for ‘big’ money. SME’s should never assume they are safe though as businesses of all sizes are increasingly at risk for ransomware attacks. Here are a few ways you can prevent your business from ransomware attacks –
Educate your employees on cyber safety
Most cyber-attacks begin with an employee clicking on an unsafe link. Training your staff to detect potential cyber threats will help your business avoid future attacks.
Make sure all devices are up to date
Ensure your security software is set to update automatically and keep all business applications patched to protect against vulnerabilities. Be aware that even the best antivirus software can be breached. That is why a robust backup strategy is essential.
Back-up, back-up and back-up again
Ensure you have up-to-date backups of your most important files. It’s a good idea to make sure the device that contains your back-up is not permanently connected to your companies’ network, and that you have more than one copy. Hackers can be known to attack when they are aware that the storage containing the backup is connected. Tiered or distributed backups keep multiple copies of backup files in different locations and on different media.
Not sure where to start with cybersecurity for your business or concerned your cyber security strategy is out of date? Contact us directly to chat further.
Creative Marketing Designer at Dufeu IT | Wife to a tech genius | Mother of two little princesses