AUS
NZ
UK
CA
USA
FRA
GER
ESP
ITA
NLD
PRT
SWE
GRC
IND
POL
BRA
ZAF
RUS
CHN
UAE
Various top banks such as Barclays, Lloyds and Royal Bank of Scotland among many others are compelled to stop consumers orders of foreign currency due to cyber-attack at Travelex, a foreign exchange services company. The cyber-hackers have demanded a huge ransom of $6 million or £4.6 million for customer data information from the company. Though, Travelex has confirmed that there is still no proof that customer data has been accessed by the attackers. It has also stated that soon after the matter came into notice, all its system has gone offline, to restrict the spread. Reportedly, its cashiers are working with pen and paper to keep cash moving at desks on the High Streets at airports. The incident has once again forced to think that old working style was somewhat better as compared to the internet-linked computer-based system of work.
The Royal Bank of Scotland representative stated that they are unable to service any travel money requests by telephone, through online and in-branch due to issue of Travelex cyber-attack. The other banks have also cited similar inability and said that banks are focused relatively on Travelex resolving its trouble before they could rebuild their service.
The company confirmed that it is investigating securely with the City Police, which is heading the inquiry into the Cyberattack. Travelex further said that it is progressively re-establishing several core systems and is making all efforts to restart normal operations as soon as possible.
Types of cyber-attacks
The cyberattack is a global misuse of computer network, software, technology and the computer system. A cyber-attack is also considered as a computer network attack, some of the major cyber-attack are as follows:
Ransomware - Ransomware gains access to target's data, usually threatening delete if a ransom demand is not met. However, there is no assurance giving a ransom will bring access of the data back. Ransomware spreads via Trojan supplying a payload masquerading as a valid file.
SQL Injection - SQL injection virus which is also called SQLI is a kind of attack that engages malicious code for backend databanks misuse to gain access to intelligence that was not planned for display. This could be anything like user lists, private customer details or sensitive company data. SQL Injection can have destructive impacts on the business. SQLI attack can cause deletion of entire spreadsheets, illegal broadcasting of user lists, and in a few cases, the hacker can obtain control of the organisational log on to a database. These could be extremely negative to a business.
Phishing Attacks â Phishing attacks are a type of social engineering which usually steal credit card, debit card and net banking information and credential.
Drive-by Attack â In this attack, the attacker looks for an insecure website and then script PHP or HTTP in one of the pages. This script can establish malware virus into the computer that invades the website or become an IFRAME that redirects the victimâs browser into a site dominated by the attacker. When users visit the affected site, they instinctively and quietly become infected if their computer is susceptible to the malware.
Password Attack â This kind of attack means that hackers want to hack usersâ passwords with wrong and illegal attention. Hackers can use dictionary strikes, password sniffers and cracking programs in password attacks. There are few defence methods against password attacks, but generally, the solution is instilling a password policy that includes a frequent change in minimum length and wrapped words.
Trojan Horses â This virus is one of the most dangerous viruses which is also called a malicious software program that pretends itself to be of some use. This virus will influence the entire system and not let the work done on time or reduce the speed of the system. Also, it is a prominent one to steal financial information.
Cross-Site Scripting - Cross-site scripting is a type of injection violation where the hacker delivers malicious scripts into content from otherwise reliable websites. Malicious code is generally delivered in the form of pieces of JavaScript code executed by the targetâs browser.
To focus more on the issue lets discuss the different cyber-attack scenarios and the events which have happened in the UK.
Top Cyber Attack on the United Kingdom
WannaCry ransomware attacks â This was a ransomware attack, which occurred in May 2017, to take advantage in obsolete windows operating systems of SMB which had its impact on more than 200 countries. This attacks spread to more than 40 NHS hospitals and trusts which were unable to help their patient, not only the IT systems related to pathology, X-rays and bleep systems were affected, but hackers also got the information of thousands of patient records including reports of medicines, patient histories and blood tests.
Wonga cyber-attack - Payday loan company Wonga suffered a cyber-attack in April 2017, covering the very crucial and confidential data of 0.245 million United Kingdom customers. It is also considered the worst data breach in the history of the United Kingdom. The event resulted in the loss of sensitive customer data that included bank account numbers, sort codes, names, phone numbers, last four digits of card numbers, email addresses and home addresses.
Three UK's âupgrade fraudâ data breach â This attack had affected more than 0.133 million United Kingdom customers in December 2016. The hackers effectively manoeuvred to break into Three's database that contained information data on the consumers who were eligible for phone upgrades which include dates of birth, addresses, marital statuses, employment statuses and email addresses, names, phone numbers, phone types, previous addresses and genders.
TalkTalk data breach â This cyber-attack was the series of attacks on TalkTalk's customer database between 15th October 2015 and 21st October 2015, which caused the damage of sensitive data going to 0.15 million consumers. Hackers also reached to the customer's bank account details and sort codes of at least 15K TalkTalk consumers. It shortly discovered that TalkTalk was utilising an obsolete database software that was no longer in use, which hackers were easily able to gain access by employing a SQL injection. TalkTalk was later penalised of £4 million by the Information Commissioner's Office (ICO) for the violation.
Tesco cyber-attack â In July 2016, Tesco was too met a cyber-attack. Due to that, the company experienced a major humiliation after hacker was able to withdraw money from 20,000 accounts out of the total 136,000 current accounts of banks. The irregular movement was also noticed in around 40,000 accounts belonging to previous customers. After this incident, Tesco was forced to suspend online transactions due to emergency security procedures. However, consumers were capable to operate other operations like making direct debit payments and withdrawing cash.
