X-Cart suffers from ransomware attack Special

Posted Nov 15, 2020 by Tim Sandle
Ecommerce software vendor X-Cart has suffered a ransomware attack which brought down customer stores hosted on the company's hosting platform. A cybersecurity expert takes stock of the situation.
Ransomware attacks have become more targeted  eaccording to Europol
Ransomware attacks have become more targeted, eaccording to Europol
Rob Engelaar, ANP/AFP/File
The incident involving X-Cart is believed to have taken place after attackers exploited a vulnerability in a third-party software to gain access to X-Cart's store hosting systems. Some stores went down completely, while others reported issues with sending email alerts.
Ideally, before deploying third-party tools onto a system, a business should be cautious and seek to understand the potential security risks. Good practices include performing security audits and penetration tests.
Looking into the matter for Digital Journal is cybersecurity professional, Dr. Vinay Sridhara, CTO of Balbix.
According to Sridhara, the time of the year for the attack is troubling: “With the holiday season fast approaching, retail companies should expect to see a continued increase in online consumer buying patterns due to COVID-19. Today’s enterprise attack surface is massive, and there are nearly unlimited things that can go wrong."
The actual issue shows a general concern for certain types of business ventures: "According to a recent report, nearly half (46 percent) of organizations find it hard to tell which vulnerabilities are real threats versus ones that will never be exploited. This leaves security teams flying blind when it comes to prioritizing risk and leaves organizations vulnerable to unexpected attacks."
With the specific incident, the analyst notes: "The threat actors gained access to X-Cart’s systems by exploiting a vulnerability in third-party software; thus, it is critical for organizations to implement security solutions that scan and monitor not just the organization-owned and managed assets, but also all third-party systems to detect vulnerabilities that could be exploited."
For preventive actions, Sridhara advises: "The key to thwarting future attacks is to leverage security tools that employ AI and ML to observe and analyze the entire network in real-time and derive insights in order to prioritize the vulnerabilities that need to be fixed. Proactively managing risk must become the new norm and is a requirement for successful cybersecurity practice.”