Connect with us

Hi, what are you looking for?

Tech & Science

X-Cart suffers from ransomware attack (Includes interview)

Avatar photo

Published

The incident involving X-Cart is believed to have taken place after attackers exploited a vulnerability in a third-party software to gain access to X-Cart’s store hosting systems. Some stores went down completely, while others reported issues with sending email alerts.

Ideally, before deploying third-party tools onto a system, a business should be cautious and seek to understand the potential security risks. Good practices include performing security audits and penetration tests.

Looking into the matter for Digital Journal is cybersecurity professional, Dr. Vinay Sridhara, CTO of Balbix.

According to Sridhara, the time of the year for the attack is troubling: “With the holiday season fast approaching, retail companies should expect to see a continued increase in online consumer buying patterns due to COVID-19. Today’s enterprise attack surface is massive, and there are nearly unlimited things that can go wrong.”

The actual issue shows a general concern for certain types of business ventures: “According to a recent report, nearly half (46 percent) of organizations find it hard to tell which vulnerabilities are real threats versus ones that will never be exploited. This leaves security teams flying blind when it comes to prioritizing risk and leaves organizations vulnerable to unexpected attacks.”

With the specific incident, the analyst notes: “The threat actors gained access to X-Cart’s systems by exploiting a vulnerability in third-party software; thus, it is critical for organizations to implement security solutions that scan and monitor not just the organization-owned and managed assets, but also all third-party systems to detect vulnerabilities that could be exploited.”

For preventive actions, Sridhara advises: “The key to thwarting future attacks is to leverage security tools that employ AI and ML to observe and analyze the entire network in real-time and derive insights in order to prioritize the vulnerabilities that need to be fixed. Proactively managing risk must become the new norm and is a requirement for successful cybersecurity practice.”

In this article:Cybersecurity, cyberttack, Ecommerce software vendor
Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Imran Ahmed, head of a prominent anti-disinformation watchdog, has warned of the dangers posed by AI chatbots, saying children are particularly vulnerable to their charms Imran Ahmed, head of a prominent anti-disinformation watchdog, has warned of the dangers posed by AI chatbots, saying children are particularly vulnerable to their charms

News

Op-Ed: AI ‘Forbidden Techniques’ and increased AI deception — Enough babble. Fix it.

What we need is trustworthy AI, not guessing games costing trillions.

17 hours ago

Business

The gap between AI velocity and AI governance is where incidents happen: Here’s how to close it.

In this business article, there's no theory. No back-to-basics. Just a clear argument and a playbook for the leaders in the middle of this...

8 hours ago
Dan Reynolds wanted a game inspired by the Capture the Flag he played as a young scout Dan Reynolds wanted a game inspired by the Capture the Flag he played as a young scout

Tech & Science

Imagine Dragons frontman chases childhood video game dream

Dan Reynolds wanted a game inspired by the Capture the Flag he played as a young scout - Copyright AFP Mauro PIMENTELA childhood dream...

22 hours ago

Tech & Science

New award to help researchers catalyse AI-driven discovery for the public good

his is what computer science looks like at its best — advancing discovery while improving lives on a global scale.

8 hours ago