Travelex is a Lesson For All The Industry … Minimise Surface Area, Patch and Backup

--

Senior executives should be looking at the evolving issue at Travelex, and should immediately call up their security team and ask whether all their systems have been backed up and patched. They should also ask how long it would take to recover the infrastructure after a major attack or outage.

Travelex’s network infrastructure was attacked on New Year's Eve, and the company has since struggled to restore it.

Their main site is currently down, and there’s no indication of when it will be back up. The malware attack took Travelex websites offline in more than 20 countries, and also affected other banks which use the company for their currency exchanges. Their retail outlets — typically hosted in airports and shopping malls — are also unable to use the Internet or send/receive emails. In fact, the company has yet to inform the ICO that it has been breached.

It has since emerged that the “malware” was actually ransomware, with the hackers asking for a six-figure sum in order to recover the affected files. It looks like the infection is from Sodinokibi — aka REvil — and which was…

--

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.