Joerg Habermeier - stock.adobe.c
Indian IT services firm Wipro said it has been hit by a phishing attack which breached some email accounts of its employees.
Reports of the attack first emerged when Krebs on Security reported that attackers were using Wipro’s systems to launch attacks against some of its customers.
Wipro is an Indian IT services company that boasts some of the world’s largest businesses as customers.
Nobody was available when Computer Weekly contacted Wipro for comment, but according to Forbes.com, the company said: “We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact.”
Mark Bower, chief revenue officer at security software maker Egress Software Technologies, said the hack and subsequent compromise of IT systems is a demonstration of how devastating third-party, supply chain partner attacks can be.
“Early reports indicate that the hackers were already able to launch direct attacks on customer environments. Most concerning for the tens of thousands of Wipro customers – including many in the Fortune 500 – are the reports that Wipro’s email system has been compromised for some time.”
He said Wipro should immediately let customers know whether they were using message encryption internally to protect customer emails.
Cesar Cerrudo, chief technology officer at security advisory IOActive, said Wipro’s huge global presence as a supplier makes it an attractive target for such attacks.
“Wipro is not alone. Sadly, system compromise is a fact of business life. This is just another real-world example of how our increasing interconnected world is creating both opportunity and risk, intended and unintended consequences,” he said.
“In this instance, we can see that hackers appear to be using Wipro employee accounts to target their customers – by using trusted and known accounts in this way, the hacker increases the likelihood that their attack will bypass security and land on the customer system,” he added.