Wipro, the Indian IT Service Giant Attacked By Phishing
IT Services giant, Wipro Ltd which is headquartered in India has become the latest victim of spear phishing. According to the initial report, Wipro’s system was breached as the result of a massive phishing campaign against the employees of the company. It doesn’t end there, the attackers were able to launch attacks against Wipro’s customers as well, as the internal IT team detected suspicious activities coming from employee accounts. Coincidentally, the company was scheduled for their quarterly results meeting with all its stakeholders the same day as the incident happened.
“We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact. Collect and monitor advanced threat intelligence for enhancing security posture,” explained Vipin Nair, a WiPro representative.
With the incident already unfolded, WiPro announced that the company has decided to discard their current email system, with their goal of replacing it with a more phishing-filtered email solution. WiPro has reasonable suspicion that the incident was due to spear phishing, as the phishing message is customized to make themselves persuasive in the process.
“The company has robust internal processes and a system of advanced security technology in place to detect phishing attempts and protect itself from such attacks. We constantly monitor our entire infrastructure at heightened level of alertness to deal with any potential cyber threat,” added Nair.
Rajan Kohli, WiPro’s President has highlighted that cybersecurity defense is an area of improvement for the company through more investment of better security technologies while enabling the continued upgrade of their networks. “We’re building those dashboards, and building that glue that bind these various products, and helps clients make an actionable insight. The time to response becomes very critical to cybersecurity,” said Kohli.
WiPro indicated that they are communicating with their affected clients and the company has already committed to using all the tools and procedures in its roster to determine who started the incident. “We are leveraging our industry-leading cyber security practices and collaborating with our partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture. We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness,” concluded WiPro in a Press Release.
Around 11 Fortune 500 clients were victims of the attack after the information from WiPro was breached. WiPro is a major IT service business who employs 170,000 employees globally, it has Fortune 500 companies as their clients, in 2018, it made a record revenue of $8 billion. Even after the announcement of the incident, WiPro will proceed with its scheduled earnings call, and the official report can be seen in https://www.wipro.com/content/dam/nexus/en/investor/news/2019/results-for-the-fourth-quarter-ended-march-31-2019-to-be-announced-on-april-16-2019.pdf. The document is titled WIPRO LIMITED TO ANNOUNCE RESULTS FOR THE FOURTH QUARTER ENDED MARCH 31, 2019 ON APRIL 16, 2019.
Source: https://krebsonsecurity.com/2019/04/experts-breach-at-it-outsourcing-giant-wipro/
Related Resources: