Get Aligned!

Pulse Secure is one of many companies that deliver secure cloud and connectivity solutions to organisations worldwide. Such mission critical solutions require consistent maintenance and updating in accordance manufacturer guidelines and recommendations.

However, in April 2019, Pulse Secure published an urgent patch to a vulnerability in its widely used corporate VPN software. This vulnerability allowed remote attackers to gain access to administer the software without a username or password. Naturally the consequences of such action could be catastrophic with the ability to change settings, view passwords cached by the VPN server in plain text, view logs and also turn off multi-factor authentication.

Organisations, such as Pulse Secure, publishing urgent patches doesn’t just get picked up by customers, but also cyber criminal groups who can exploit these know vulnerabilities. A particular cyber criminal group has been targeting this vulnerability – amongst many others – for some time with the aim of infiltrating systems, stealing data and planting ransomware.

It is the lack of updating and patching of the VPN server software which led to Travelex being infected with ransomware. Ignoring security patches on your network devices could have significant business consequences.

On New Year’s Eve, the company was hit by Sodinokibi ransomware, also known as REvil. The ransomware operators contacted the BBC and said they want Travelex to pay $6m (£4.6m). They also claimed to have had access to Travelex’s network for six months and to have extracted five gigabytes of customer data—including dates of birth, credit card information, and other personally identifiable information.

“In the case of payment, we will delete and will not use that [data]base and restore them the entire network,” the individual claiming to be part of the Sodinokibi operation told the BBC. “The deadline for doubling the payment is two days. Then another seven days and the sale of the entire base.”

Security researcher Kevin Beaumont found that Travelex had seven unpatched Pulse Secure servers. An exploit for the vulnerability has been available on Internet bulletin boards since August 2019.

The Travelex cyber-attack does provide a key learning to all organisations about ensuring there is a programme in place for monitoring and patching updates, particularly security updates, to all network and server systems in accordance with the software manufacturer.

Back to List

Related Stories

Diversity in Technology

Diversity in Technology

Google have recently started to publish their own internal hiring data to illustrate the diversity amongst its workforce. There is no questi…

Read Post

NCSC Warning: Windows 7 Unsafe For Banking & Email

NCSC Warning: Windows 7 Unsafe For Banking & Email

The National Cyber Security Centre (NCSC) has delivered a stark warning to all those that are still using Microsoft Windows 7:

Do not to …

Read Post

Cloud-first = key ingredient to business success

Cloud-first = key ingredient to business success

Organisations today should be building cloud-first networks and scaling cloud services.

A truly cloud-first approach to networking is whe…

Read Post

Using Microsoft Planner for Task Management

Using Microsoft Planner for Task Management

Microsoft is rapidly adding new features and updates to Office 365 to further improve its offerings but they have also been adding complet…

Read Post

A Guide to Cryptocurrency

A Guide to Cryptocurrency

Bitcoin attracted a large following during the last few years and captured significant investor and media attention in early 2013. But will …

Read Post

The Dark Web

The Dark Web

The Dark Web. It’s what a lot of Managed Services Providers, tech companies, the Police and media are talking about, but why and what is i…

Read Post

Microsoft SharePoint

Microsoft SharePoint

SharePoint is a web-based system that integrates with Microsoft Office. Launched in 2001, it was primarily used for intranet and document ma…

Read Post

Windows 7, Server 2008 and 2008 R2 security updates end January 2020

Windows 7, Server 2008 and 2008 R2 security update…

On January 14, 2020, support for Windows 7, Windows Server 2008 and 2008 R2 will end. That means the end of regular security updates. Failur…

Read Post

Protecting Your Property

Protecting Your Property

The physical protection of your building and IT Systems is just as important as online protection. With the use of information technology an…

Read Post

Understanding The Digital Workplace

Understanding The Digital Workplace

The digital workplace is the virtual, modern version of the traditional workplace. It quickly and securely provides personalised, role-based…

Read Post