Just a brief blog today about the dire results of a ransomware attack that hit foreign exchange company Travelex. Stemming a ransomware attack that hit the company in December 2019, in conjunction with the current COVID-19 pandemic, the company has been forced into a GBP84MM financial restructuring in a bid to save the business. “Despite operating over 1000 ATMs and 1000+ stores globally, and providing services for banks, supermarkets and travel agencies in over 60 countries, the firm was forced to cut over 1300 jobs as part of the restructuring.”
In this case, the Sodinokibi (REvil) variant of ransomware is believed to have been used in the attack, which forced its website online and impacted its brick-and-mortar stores and banking services. Unfortunately, it took the company over 2 weeks for Travelex to get its customer-facing systems back online in the UK, causing an untold amount of monetary and brand damage. The cause, although unconfirmed, suggests that the company had a critical unpatched vulnerability in its VPNs that may have allowed attackers to remotely launch malicious code. Reports also state that the REvil hacker gang responsible for the attack demanded a ransom of GBP4.6MM for the decryption key and to delete stolen customer data.
This case again brings to light the dire consequences that some firms may face if they are hit by a ransomware attack. Although Travelex has taken the steps to overcome the effects of the attack, as they work through a financial restructuring in order to safeguard jobs and to keep the business as an ongoing concern, many other companies are not as lucky. Without adequate emergency and contingency plans in place, some companies have been forced out of business altogether.
So, the question is, “Could your firm be next?”. How well prepared is your organization if it were to be hit by any sort of ransomware? Do you have protection in place to detect and block something that could spell the doom of your company? If you have any sort of concern that your organization could go under in such an attack, we suggest that you consider putting in place real-time threat protection that can detect and block all such attacks, BEFORE they can enter your network to do any harm. Wedge’s Absolute Real-time Protection (WedgeARP) orchestrated threat management platform is a proactive way of dealing with all malware (including APTs, zero days, known and unknown). Utilizing patented Deep Content Inspection techniques, along with orchestrated threat management with multiple layers of protection, WedgeARP can provide the safety blanket that organizations need in this age of increasing ransomware attacks. WedgeARP is the first and only platform that applies deep learning / machine learning-based threat detection to network content. The best way to not have to pay a ransom is to take the preventative approach of stopping ransomware before it can even get into your network. Contact our team at: info@wedgenetworks.com to find out more about how you can protect your organization.
