UAE-based Finablr has been making turn-of-the-year global headlines but not for the reasons it would like. Finablr is the majority owner of Travelex which has fallen victim to a software virus cyberattack on its foreign exchange services unit that forced it to take its systems offline. Travelex had to shut down all its computer systems across 30 countries on New Year’s Eve to contain the virus and protect data when it was being held to ransom by hackers.
While the company said the attack – by ransomware Sodinokibi otherwise known as REvil - is unlikely to have a "material financial impact" on the group the disruption has been immense. Travelex had to resort to pen and paper and twitter to handle customer enquiries and to manually process foreign exchange services.
The cyber gang claimed to have gained access to the company’s computer network and to have downloaded 5GB of sensitive customer data. Travelex says its investigation initially showed that no personal or customer data had been compromised.
Nevertheless, the attack has left Travelex, the world’s largest currency exchange bureau, exposed to the many ramifications of cyber-attacks, the rebuilding of customer trust among them and the cost of downtime. The company says it is working closely with the UK's National Crime Agency and the Metropolitan Police who have launched a criminal investigation and Travelex says it’s also talking to relevant regulators across the world. While the company was able to restore some internal systems and get others back online. It had to deal with a barrage from customers frustrated at the lack of communication.
The new cyber protection era
This first major reported cyber-attack of 2020 brings into stark focus the need for what Acronis, which develops on-premise and cloud software for backup, disaster recovery, and secure file sync and share and data access, has dubbed ‘cyber protection’. Acronis has gone one step further, declaring ‘cyber protection’ the new essential I.T. discipline.
And the World Economic Forum 2019 global risk report has named cyber-attacks and data breaches as the fourth and fifth most serious risks facing the globe today.
Email - the weakest spot?
And it’s a sad fact of life that email – which we depend on for our daily work and many personal affairs, is increasingly a ‘Trojan Horse’ route for hackers into our accounts and the easiest means to spread viruses.
In its State of Email Security Report 2019, Mimecast, the email cloud security provider, says that 62% of the businesses it canvassed in the UAE admitted a ransomware attack has impacted their business in the previous 12 months.
Mimecast also pointed out that less than half the organisations canvassed – 46% - did not have any cyber-resilience roadmap in place despite the risks. A single email attack, it points out, can disrupt business operations for days and cause data access issues, especially when it involves the often-costly consequences of ransomware. “Not only is ransomware not going away, research confirms it’s growing,” warns the report.
The cyber resilience roadmap — a 2020 essential
A cyber-resilience roadmap is now essential to any secure organisation and must take a four-dimensional approach offering:
- Threat protection
A business needs to understand the risks and discover the products to protect employee communication and reduce risk with targeted threat protection, data leak prevention, and enforced security controls.
How do you draft a cyber resilience roadmap?
It’s easy with Cobweb. We fully understand Mimecast’s email protection solutions to give you pro-active, active and reactive cover. We can help design a tailored roadmap specific to your business and the threats it may face.
Think of us as your Cyber Resilience architect. We will take an in-depth look at your business and determine the best course of action. We will help you implement or migrate security solutions, educate and train your staff, support your in-house teams, or undertake any necessary turnkey implementation.
Take the first step and assess your business's security now. Complete our survey and get a free report full of recommendations.
Cybersecurity has always been a business priority; the impact of COVID-19 makes this more important than ever.Read More
As businesses begin to return to the office, we explore how you can stay secure in a post-COVID worldRead More