Patch Patch Patch!
As you may be aware Travelex has faced a devastating cyber attack with the following statement from their website:
"On Tuesday December 31st Travelex detected a software virus which had compromised some of its services. As previously announced, on discovering the virus, and as a precautionary measure, Travelex immediately took all its systems offline to prevent the spread of the virus further across the network. "
It appears that Travelex took several months to patch critical vulnerabilities in its Pulse Secure VPN servers, according to Bad Packets.
The ransomware gang Sodinokibi spoke to the BBC and said it is behind the hack and wants Travelex to pay $6m (£4.6m).
The gang claimed that they have gained access to the company’s computer network six months ago and have downloaded 5GB of sensitive customer data.
The Sodinokibi malware appears to have links to Grandcrab that is responsible for 40% of all ransomware globally. Inspection of Sodinokibi shows that it is extremely similar to Grandcrab, and seems to be catching up to Grandcrab scale rather rapidly
How do you protect yourself, well with all things it comes down to best practices:
· Backup your data and test restores regularly
· Have a plan, just in case things do go wrong.
· Scan your network regularly for vulnerabilities and patch regularly. (Critical patches should be treated as that, don't delay)
· Run breach attack simulation regularly to discover weaknesses before the bad guys do.
· Continuously monitor your infrastructure for threats, we would of course recommend our managed solution Overwatch!