Wipro Is Under Cyber Attack – Forensic Firm Hired To Investigate; Wipro’s Clients Are Being Attacked
$11 billion worth Wipro, which is considered as one of the top 5 IT companies in India, has been hacked. Wipro has admitted that they are under a cyber attack, and their clients are being targeted by hackers.
How will Wipro clear this mess? What exactly has happened here?
Wipro Under Cyber Attack
Yesterday, cybersecurity investigation website KrebsOnSecurity reported that Wipro is under a cyber attack, and thier systems are being used as ‘digital fishing expeditions’ to target their clients.
In other words, hackers are using Wipro’s IT infrastructure as a launch pad to target and attack their clients. This information was leaked to KrebsSecurity via several ‘internal sources’.
After KrebsSecurity repeatedly asked Wipro about this hack, Wipro initially denied any such happening, and reminded them that they have ‘robust internal processes and a system of advanced security technology.’
Till April 12th, Wipro categorically denied any such cyber attack or phishing attack.
However yesterday, Wipro admitted this.
Wipro: Yes, We Are Under Cyber Attack
Wipro chief executive Abidali Neemuchwala has admitted that cyber attacks are happening in the company, and they are investigating it via a forensic firm.
However, Abidali has downplayed the attack as a common one, and said that “such attacks are common in the industry”.
As pr Wipro’s official statement, they have been building a new private email network, and on the day of deployment, some employees’ email platform were under minor attacks, which is common in the industry.
Wipro has described these attacks as zero-day attacks, which are generally carried on the same day when a system is taking over an older system, and there exists some vulnerabilities which hackers attempt to exploit.
Wipro has said that cybersecuirty blog KrebsSecurity has exaggerated the details, and nothing serious is happening.
Abidali said, “We think we have a pretty good email system. You can reach us on our emails,”
On the other hand, KrebsSecuirty has claimed that the attack is inded serious, as Wipro is “dealing with a multi-month intrusion from an assumed state-sponsored attacker”.
Wipro’s Clients Are Getting Targeted: Is This Serious?
Yes, it is indeed serious, but Wipro is doing everything to downplay it.
In their official statement, Wipro has admitted that under this phishing attack, websites of some of the clients have been impacted, and they have even informed those clients.
Note here, that under filings done by Wipro at US Securities and Exchange Commission, they are liable to pay heavy penalty, in case their client’s websites are breached, due to Wipro’s security vulnerabilities.
Wipro’s official statement said, “We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact,”
If you are an employee working at Wipro, and have some information about this incident, please feel free to share us by commenting here.