MSPs are an increasingly popular target
A ransomware attack on a subsidiary of IT services goliath DXC has knocked customer services offline, the company admits.
The DXC ransomware incident was acknowledged by the firm late Monday.
The attack has hit systems at Xchanging, a London-headquartered managed service provider (MSP) that offers IT services and business process outsourcing to aerospace, banking, defence and insurance firms.
Xchanging also offers “cyber security assessment” services as part of its infrastructure managed services offering.
The incident is the latest in a string of attacks on MSPs, with cybercriminals appearing to realise that the downstream pressure from customers desperate to get services back up gives them leverage to secure ransoms.
DXC said: “The company is confident that this incident is isolated to the Xchanging environment. In addition, DXC does not have any indication at this time that data has been compromised or lost.”
In a post-breach boilerplate comment, it added: “The company has implemented a series of containment and remediation measures to resolve this situation. DXC is actively working with affected customers to restore access to their operating environment as quickly as possible. DXC is also engaging with law enforcement and appropriate cyber agencies.”
The vector and ransomware type were not immediately apparent.
Customers will be hoping that the company kept regular back-ups off its network, which it can roll out fast.
Are you affected? Want to share thoughts? Get in touch
See also: Catching Ransomware Crime Gangs: We Spoke to the Experts in Law Enforcement About Why It’s So Challenging