Threat Watch

MSP Xchanging Suffers Ransomware Attack

DXC Technology has reported a ransomware incident to the US Securities and Exchange Commission regarding its subsidiary, Xchanging, on July 5th. Xchanging is a managed services provider (MSP) primarily focused on insurance-based businesses. Although the ransomware family has not yet been made public, DXC has expressed confidence that the infection did not spread beyond a subset of the Xchanging environment. The attack did affect services for a small number of customers, but no customer data appears to have been breached or lost.

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch

ANALYST NOTES

While no information has been provided about the method of intrusion yet, many ransomware attacks begin through phishing attempts. Many attacks (not just ransomware) can be prevented through a combination of email gateway monitoring and security education focused on phishing. Remote Desktop Protocol (RDP) is also a common vector of attack in ransom cases. RDP should only be accessible from within an organization’s network, using a VPN to provide secure remote connectivity, rather than allowing direct connections from the Internet. Organizations should also consider deploying an endpoint monitoring solution to monitor for suspicious actions taken by malicious actors. Managed security services such as the Binary Defense Security Operations Center (SOC) can provide 24/7 monitoring to quickly detect, contain and alert security teams to threats before they have the chance to spread throughout the network.

Source: https://www.bleepingcomputer.com/news/security/ransomware-attack-on-insurance-msp-xchanging-affects-clients/

https://www.sec.gov/Archives/edgar/data/1688568/000119312520187244/d942699dex991.htm

Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support