2 月 2023 - 頁9，共12

Ransomware attack on insurance MSP Xchanging affects clients

Global IT services and solutions provider DXC Technology announced over the weekend a ransomware attack on systems from its Xchanging subsidiary.

Xchanging is known as a managed service provider for businesses in the insurance industry but its list of customers includes companies from other fields: financial services, aerospace and defense, automotive, education, consumer packaged goods, healthcare, manufacturing.

Several customers affected

DXC Technology notified its investors in an 8-K form filed with the U.S. Securities and Exchange Commission that Xchanging has detected a ransomware attack on some of its systems.

The company reported the incident on July 5, expressing confidence that it did not spread outside the Xchanging network. For the moment, the investigation did not reveal any indication of data being affected. It is unclear when the company detected the attack.

An undisclosed number of customers was impacted by the cyberattack, denying access to their operating environment, reads the notification from the company. Containment and remediation measures were deployed to resolve the situation.

In a statement to BleepingComputer, a company spokesperson said that the problem is isolated to a subset of the Xchanging business and that customer data was not compromised or lost.

Efforts to restore services to customers are ongoing and at the moment remediation work is being done for just a few of them.

“While the revenue from those impacted customers is not material to DXC financial position, we nevertheless take this situation very seriously and have already restored services as nearly all of them” – DXC Technology spokesperson

As is typically the case with such incidents, the company is working with law enforcement and authorities on the investigation. This is also why there are few details available at this time.

There is no information about the family of the file-encrypting malware used in the attack and BleepingComputer does not know of a ransomware gang claiming the attack.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Bullwall
BullWall is a fast-growing international cybersecurity solution provider with a dedicated focus on protecting critical data during active ransomware attacks. We are the only security solution able to contain both known and unknown ransomware variants in seconds, preventing encryption and exfiltration across all data storage types.

2023 Bullwall

10 個減少「數碼足跡」的方法

在網絡罪案日益增多的時代，限制和管理您的「數碼足跡」是絕對有意義的。「數碼足跡」並不是一個新事物，但足跡分佈在如此多的網站、帳戶和裝置上，到底應該從哪裡開始？

1. 減少下載應用程式
應用程式通常需要用戶輸入個人資料才可以正作運作，程式還可能會追蹤位置、瀏覽活動和其他信息，然後與第三方共享。建議適時檢視您的裝置，並刪除一些很久沒有使用的應用程式。

2. 減少建立帳號
試過在網購時建立帳號並加入信用卡資料嗎？減少建立帳號，讓系統不會紀錄您的付款信息。雖然在下次購物時會帶來不便，但可以更好的保障自己。

3. 保密行蹤
「位置追蹤」是其中一種最具侵入性的數據捕獲方式，第三方可以從中拼湊出關於您日常的活動和習慣，請務必阻止應用程式追蹤您的位置。

4. 禁用第三方 Cookie
Cookie 是在您訪問網站時，下載到您裝置上的小文件，雖然可能會改善瀏覽體驗，但當中可能會洩漏用戶名稱和密碼。如果在訪問網站時出現選擇，只需拒絕接受 Cookie，您還可以通過瀏覽器的私隱設定禁用第三方追蹤。

5. 行使刪除權
「刪除權」是歐盟 GDPR 相關的條例，您可以要求 Google 等科技公司刪除您不喜歡的信息，例如位置追蹤、搜索引擎紀錄或整個帳號。

6. 對敏感資料提高驚覺
有時為了獲得您想要的產品或服務，提供信息是不可避免的，但請對敏感資料提高驚覺，特別是電話號碼、電子郵件和家庭住址、財務等信息。

7. 不要填寫網上問卷
互聯網上充斥著網上問卷，通常以現金或禮物吸引人填寫，當中有可能會竊取您的個人信息用於網絡釣魚活動或在暗網上出售。

8. 減少訂閱品牌通訊電郵
如果您對某些品牌不太感興趣，可考慮使用專用電子郵件地址或一次性電子郵件帳戶。對大部份人來說，這些品牌通訊電郵只會堵塞我們的收件箱。

9. 謹慎使用社交媒體
考慮其他人和潛在雇主如何接收這些內容，當中是否包含有關您工作和個人生活的敏感信息，建議只添加您在現實生活中認識的人。

10. 限制您的裝置數量
最後，考慮您有多少個裝置和電腦處於活躍使用狀態。它們每一個都是潛在的數據寶庫，如果裝置丟失或被盜，這些數據可能就會洩漏。您真的需要購買那款新平板電腦嗎？如果答案仍然是「是」，請考慮是否需要將所有個人數據同步到這個裝置？

關於Version 2

Version 2 Digital 是立足亞洲的增值代理商及IT開發者。公司在網絡安全、雲端、數據保護、終端設備、基礎設施、系統監控、存儲、網絡管理、商業生產力和通信產品等各個領域代理發展各種 IT 產品。透過公司龐大的網絡、通路、銷售點、分銷商及合作夥伴，Version 2 提供廣被市場讚賞的產品及服務。Version 2 的銷售網絡包括台灣、香港、澳門、中國大陸、新加坡、馬來西亞等各亞太地區，客戶來自各行各業，包括全球 1000 大跨國企業、上市公司、公用事業、醫療、金融、教育機構、政府部門、無數成功的中小企及來自亞洲各城市的消費市場客戶。

關於ESET
ESET成立於1992年，是一家面向企業與個人用戶的全球性的電腦安全軟件提供商，其獲獎產品 — NOD32防病毒軟件系統，能夠針對各種已知或未知病毒、間諜軟件（spyware）、rootkits和其他惡意軟件為電腦系統提供實時保護。ESET NOD32佔用系統資源最少，偵測速度最快，可以提供最有效的保護，並且比其他任何防病毒產品獲得了更多的Virus Bulletin 100獎項。ESET連續五年被評為“德勤高科技快速成長500 強”（Deloitte’s Technology Fast 500）公司，擁有廣泛的合作夥伴網絡，包括佳能、戴爾、微軟等國際知名公司，在布拉迪斯拉發（斯洛伐克）、布裏斯托爾（英國）、布宜諾斯艾利斯（阿根廷）、布拉格（捷克）、聖地亞哥（美國）等地均設有辦事處，代理機構覆蓋全球超過100個國家。

edm