Travelex attack part of a growing – and worrying – trend in ransomware

ransomware graphic

Experts suggest that the Travelex attack is just a taste of a what future cyber-crime has to offer

Earlier this week, a ransomware cyberattack on Travelex caused a major disruption to foreign currency exchange offices across Europe, Asia and the US, as high street banks were forced to shut down their computer systems to prevent hackers from accessing customer data.

Travelex supplies foreign notes to a wealth of high street banks, including Lloyds, Barclays and the Royal Bank of Scotland (RBS). After hackers demanded $6 million (£4.6 million) from Travelex in return for customer data, the company was forced to shut its computer system down. As such, fewer foreign notes are now circulating to banks, leaving many unable to maintain their travel money service.

“We are currently unable to accept any travel money orders either online, in branch or by telephone due to issues with our travel-money supplier, Travelex,” an RBS representative said. "We apologise for any inconvenience caused."

Although Travelex has asserted that there is no evidence that any customer data has been compromised, the monumental impact that this cyberattack has had certainly doesn’t bode well for the industry.

Nick Beecroft, Client Services Manager at CyberCube – a cyber analytics provider for the global insurance industry – said: “What’s happened to Travelex is part of a rapidly growing trend. Ransomware has become more than a cottage industry with ransomware developers and hackers teaming up to attack companies and then divide the spoils. There are also so-called ‘big game hunters’ who work alone and target firms able to pay large ransoms.”

Beecraft elaborated, noting that ransomware attacks are increasing year on year, and will soon reach a point at which a major attack could ‘cripple’ businesses across the world. “What would amount to a complete systematic failure,” he warns.

Luckily, he explains, the insurance industry (which offers protection to businesses like Travelex) is already planning a response to this kind of event. “We’re building the complex models that allow insurers and other organisations to examine what the effect of a catastrophic ransomware attack would be,” he notes. “In the case of Travelex, their problems have affected partner businesses like Sainsbury’s, Tesco and Virgin Money. A major systemic ransomware event would spread much more widely, potentially hobbling large swathes of the economy.”