Subj : Switzerlands cybersecurity experts still cant Xplain how federal
To   : All
From : TechnologyDaily
Date : Fri Mar 08 2024 12:45:06

Switzerlands cybersecurity experts still cant Xplain how federal documents 
made it to the dark web

Date:
Fri, 08 Mar 2024 12:29:40 +0000

Description:
Fallout from a 2023 attack on Xplain, a company that provides software to the 
Swiss government and military, continues with the countrys National Cyber 
Security Centre (NCSC)s post-mortem report.

FULL STORY
======================================================================

Though a ransomware attack on Xplain, a Swiss software developer contracted 
by the countrys federal government, became known almost as it happened in 
late May 2023, a new report from the countrys National Cyber Security Centre 
(NCSC) has shed additional, disconcerting light on the extent of the 
incident. 

Per that report (via BleepingComputer ), the NCSC believe that 1.3 million 
files were released by the threat actor, a ransomware group known as Play, in 
a package on the dark web. 

65,000 of these files are considered relevant to the Swiss government, with 
the vast majority (47,413) of these belonging directly to Xplain. Xplain 
ransomware attack 

The NCSC also wrote about the challenges involved in determining file 
ownership, and the specific nature of each compromised file. It did, however, 
reveal that the data included employee data and passwords vulnerable to 
identity theft , technical specifications, and unspecified classified 
information, and had determined how many files belonged to each of these 
categories. 

Xplain, which describes itself as a homeland security company, updated its 
own evolving statement on the attack in the wake of the report on February 8. 
It claims that, following the attack, it filed a criminal complaint, and 
rebuilt [its] entire IT infrastructure in line with the NCSCs 
recommendations. 

Despite this, Xplain maintains that its still unclear as to how the attack 
was made possible, noting that ransomware groups often use undisclosed 
vulnerabilities to gain unauthorized access to computer systems. 

Most importantly of all, the company reports that it has not been 
significantly harmed financially by the event, which it attributed to its 
diversified, long-term business model (which we think is business-speak for 
fingers in many pies) and the benefits from indemnity insurance. 

Alls well that seems to end well, then, but as theres plenty that we dont 
know about how the breach was committed, this may not be the last that we 
hear about the incident. More from TechRadar Pro Ransomware payments are 
falling fast as victims refuse to pay We've also listed the best firewalls 
right now These two ransomware giants are joining forces to hit more victims 
across the world



======================================================================
Link to news story:
https://www.techradar.com/pro/security/switzerlands-cybersecurity-experts-stil
l-cant-xplain-how-federal-documents-made-it-to-the-dark-web


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.