Travelex ransomware and the role of risk management software defending against it

January 23, 2020

When we predicted the cybersecurity trends for 2020, ransomware was one of the main factors we discussed. It has been around since 2012 and has really come to prominence as a threat over the past few years in particular.

This growth in ransomware attacks has led to companies taking IT risk management much more seriously than previously. It has also encouraged significant growth in cybersecurity tools and integrated cybersecurity modules within GRC software and IT GRC tools.

Organisations desperately need these smarter tools to defend themselves against ransomware (and other cybersecurity threats). This was highlighted again in the first few weeks of 2020, with the latest ransomware attack, which saw foreign exchange company Travelex held to ransom by attackers.

What is the lowdown on the first major ransomware attack of 2020 and how can risk management software help an organisation keep itself protected?

The Travelex attack

2019 saw many ransomware attacks, one of the biggest of which was RobbinHood. This ransomware attacked the Baltimore city government, affecting property purchases, water bills and city charges, and eventually cost the city £13.8M.

January 2020 saw a potentially even bigger ransomware attack, as Travelex was forced to turn off almost all its computer systems and revert to pen and paper, with hackers asking for £4.6M to unlock its systems again.

This was a hugely impactful ransomware attack. Banks that use Travelex to run foreign exchange services – including Barclays, Lloyds and RBS – were unable to sell travel money two weeks after the initial attack. There are also GDPR implications to this attack.

Although there is no evidence yet to suggest consumer data has been affected, and the Information Commissioner’s Office (ICO) has not received a data breach report from Travelex, this does not necessarily mean that a breach has not occurred.

The ICO must be informed within 72 hours of an organisation becoming aware of a breach. However, if that firm decides a breach does not need to be reported, it needs to be able to explain why it was not reported, and the ICO will then adjudicate whether a breach has taken place or not. Worryingly for Travelex, the hackers – a gang called Sodinokibi – are claiming they accessed the company’s computer network six months ago and have downloaded 5GB of sensitive customer data.

IT risk management software and cyber attacks

The recent AMRAE RMIS PANORAMA report, which surveys vendors and risk managers to gain a better understanding of the market, revealed that the percentage of vendors with an integrated cybersecurity module rose to 46% in 2019. This is a sure sign that IT security threats – such as ransomware – are increasingly being perceived as the business risks that they have always been, and also that business risk management tools are playing an important role in managing and mitigating such risk.

Oxial has a slightly different approach with our sGRC solution. We work with a wide range of business and technology partners that add knowledge, expertise and market understanding to our core GRC software. One of our technology partners is the IT security firm Global Data Sentinel, whose platform offers advanced security controls and features and dovetails perfectly with the sGRC solution.

This is an important difference in approach and one that has proved highly successful in helping organisations stay safe from ransomware attacks and other cyber threats. Cybercriminals are so sophisticated and professional in 2020 that businesses have to constantly think one step ahead to protect themselves effectively. Doing so includes selecting the right GRC software and using it for effective risk cartography: mapping out the risks that may present themselves.

Mitigating ransomware risk

Utilising risk management software, as part of an integrated GRC software solution, allows an organisation to assess and mitigate the risk posed by a ransomware attack. This is vitally important, as the cost of ransomware can go way beyond the actual ransom.

There are many other costs associated with a ransomware attack, including employee downtime, unfulfilled customer orders leading to dissatisfied customers, lost new business opportunities, damage to brand reputation and even fines for non-compliance, such as with GDPR.

When planning cybersecurity investment, all of this needs to be factored into discussions. If the cost of patching vulnerabilities feels like more than an organisation wants to pay, the cost of allowing ransomware risk to escalate would most likely be far greater. This is why more and more organisations are treating ransomware and other cybersecurity threats as a business risk, and managing and mitigating that risk using IT GRC tools.

Oxial has a long heritage of helping firms address the ransomware threat as part of an integrated GRC solution. Our new sGRC solution offers an innovative approach to this task and can add value to any organisation.

The Travelex ransomware attack is just the tip of the iceberg, and there will be many more to follow in 2020. If your organisation would like to explore ways of adopting business risk management, then please get in touch with us here to discuss your requirements.