Travelex, known for currency exchange services, was the victim of a malware attack on New Year’s Eve which suspended some of their services. The attack forced some systems to go offline to avoid further spread of the malware. This also affected other businesses such as Tesco Bank, which uses Travelex for its foreign currency exchange services. At this time, Travelex stated that no client information was stolen and the company declined to mention the type of malware that was used, but there are many signs that point to ransomware. Travelex has employed third-party IT and security services in order to get a better understanding of how the malware made its way into their systems and what they can do to stop it.
While the type of malware has not yet been confirmed, it is still important to mention putting together a good defense-in-depth strategy that can safeguard systems and stop or slow attacks before they spread to different areas in a company’s network. Endpoint Detection and Response (EDR) monitoring is an important part of an overall strategy for defense, to detect early warning signs of attacker behaviors that signature-based anti-virus miss.