Connect with us

Hi, what are you looking for?

Tech & Science

X-Cart suffers from ransomware attack (Includes interview)

The incident involving X-Cart is believed to have taken place after attackers exploited a vulnerability in a third-party software to gain access to X-Cart’s store hosting systems. Some stores went down completely, while others reported issues with sending email alerts.

Ideally, before deploying third-party tools onto a system, a business should be cautious and seek to understand the potential security risks. Good practices include performing security audits and penetration tests.

Looking into the matter for Digital Journal is cybersecurity professional, Dr. Vinay Sridhara, CTO of Balbix.

According to Sridhara, the time of the year for the attack is troubling: “With the holiday season fast approaching, retail companies should expect to see a continued increase in online consumer buying patterns due to COVID-19. Today’s enterprise attack surface is massive, and there are nearly unlimited things that can go wrong.”

The actual issue shows a general concern for certain types of business ventures: “According to a recent report, nearly half (46 percent) of organizations find it hard to tell which vulnerabilities are real threats versus ones that will never be exploited. This leaves security teams flying blind when it comes to prioritizing risk and leaves organizations vulnerable to unexpected attacks.”

With the specific incident, the analyst notes: “The threat actors gained access to X-Cart’s systems by exploiting a vulnerability in third-party software; thus, it is critical for organizations to implement security solutions that scan and monitor not just the organization-owned and managed assets, but also all third-party systems to detect vulnerabilities that could be exploited.”

For preventive actions, Sridhara advises: “The key to thwarting future attacks is to leverage security tools that employ AI and ML to observe and analyze the entire network in real-time and derive insights in order to prioritize the vulnerabilities that need to be fixed. Proactively managing risk must become the new norm and is a requirement for successful cybersecurity practice.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Social Media

Meta says that most of the cover influence operations it has disrupted in recent years were carried out by actors from Russia, Iran and...

Business

The US government said Tuesday it was "disappointed" after nations negotiating a global treaty to curb plastic waste failed to reach a deal.

Business

Wall Street: — © Digital JournalAsian traders shifted tentatively Tuesday as they battled to track another record on Wall Street owing to fresh China-US...