IT SERVICES OUTFIT Wipro has admitted that some of its employee accounts may have been hacked following a phishing campaign targeting the company.
The admission follows a report by independent security journalist Brian Krebs, citing anonymous sources, which claimed that Wipro's security had been breached and was being exploited to launch supply chain attacks on some of the company's clients.
Krebs claimed that a number of sources independently approached him earlier this month to suggest that not only had Wipro been compromised, but that the breach was being used to target some of the company's clients. Krebs added that the attack is believed to be linked to a state-sponsored attacker.
Krebs went public with his claims after Wipro failed to respond to his questions, instead providing only a bland PR statement about the company's IT security.
"One source familiar with the forensic investigation at a Wipro customer said it appears at least 11 other companies were attacked, as evidenced from file folders found on the intruders' back-end infrastructure that were named after various Wipro clients," wrote Krebs.
"Wipro is now in the process of building out a new private email network because the intruders were thought to have compromised Wipro's corporate email system for some time.
"The source also said Wipro is now telling concerned clients about specific 'indicators of compromise', telltale clues about tactics, tools and procedures used by the bad guys that might signify an attempted or successful intrusion."
After Krebs published his report, Wipro became more forthcoming. In a statement to the INQUIRER, it admitted that it had been attacked: "We detected potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign.
"Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact. We are leveraging our industry-leading cyber security practices and collaborating with our partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture.
"We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness."