The Travelex hack that has seen ransomware cripple the foreign exchange company since New Year’s Eve has had a knock-on impact on the majority of the UK’s high street banks, raising concerns about how interconnected the international economy has become.
Over a dozen UK banks, including the Royal Bank of Scotland, Lloyds Banking Group, Barclays and HSBC, have been unable to process online orders for foreign currency, forcing customers to come into branches if they want to get euros, dollars or other currencies.
Travelex itself continues to grapple with the hack, which saw the company’s systems encrypted by high-profile ransomware group Sodinokibi.
The foreign exchange company, which has been forced to take all of its global websites offline in response to the incident, is reportedly being asked by the group to pay $6m (£4.6m) to regain access its systems.
Bank impact of Travelex hack raises concerns over “new international economic order”
The fact that the Travelex hack has had such a marked impact on other financial institutions has led to concerns about increased digitalisation of the financial system.
In particular, experts have drawn attention to the fact that individual institutions are increasingly reliant on each other to function effectively, putting larger parts of the financial system at risk in the event of cybersecurity incidents.
“The bottom line is we are getting into a more fragile world, and we need to beef it up now,” said Sam Curry, chief security officer at Cybereason.
“Overall, the inability of some of the world’s largest banks to service its customers with online currency highlights the degree of interconnectivity and dependence in the new international economic order.
“Would anyone have flagged Travelex before the ransomware incident as critical infrastructure? Maybe. Maybe not. In the end, the ripple effects of even a delay in service with this one company are spreading. Globalised economies become increasingly interdependent with multiple points of failure progressively over time.”
Curry argues that the financial system needs to look at the issue collectively in order to prevent future knock-on effects.
“The lesson is that it’s not just about you and your obvious supply chain. Anti-fragility and resilience are critically important to us collectively. There are lessons here no doubt that will emerge about how to handle an incident or how not to. Time will tell,” he said.
“But there are also lessons for us to look at collectively. With less distance than ever before between any two points in the connected world, the potential for even relatively small players to cause cascade failures needs to be understood and better modeled. The extent of the pain from Travelex with other companies and customers has yet to be seen and won’t until the dust settles.”