Indian information technology (IT) outsourcing and consulting giant Wipro Ltd [NYSE:WIT] is investigating reports that his own IT systems have been hacked and used to launch attacks against some to corporate customers, many resources tell KrebsOnSecurity. Wipro refused to respond to questions about the suspected incident.
Earlier this month, KrebsOnSecurity heard that two trusted sources have become the third largest IT outsourcing company of Wipro – dealing with a multi-month intervention from an assumed state-
Both sources, who spoke on condition of anonymity, said that the Wipro systems were used as the voyage points for digital fishing expeditions targeting at least a dozen customer systems Wipro.
Security experts say Wipro customers Monitor the malicious and suspicious reconnecting network activity back to partner systems that directly interact with the Wipro network.
On April 9, KrebsOnSecurity reached Wipro for comment. An email was received on April 1
On Friday, April 12, Nair sent a statement identifying none of the questions that Wipro asked about a alleged security incident involving attacks against its own customers.
"Wipro has a multilayer security system," the company wrote. "The company has excellent internal processes and a system of advanced security technologies in place to detect phishing attempts and protect itself from such attacks. We continue to monitor our entire infrastructure at higher alert levels to deal with any potential cyber threats. "
Wipro did not respond to many additional comments requests. Since then, two more sources of knowledge about the investigation are coming to confirm the outline of the incident described above.
A source familiar with forensic investigation of a Wipro customer said at least 11 other companies were attacked, as evidenced from the file folders found at the back-end infrastructure of intruders named after different Wipro clients. That source was denied to name other clients.
Another source said Wipro is now in the process of building a new private email network because intruders are thought to have compromised the Wipro corporate email system for some time. The source also said that Wipro now tells concerned clients about specific "compromise indicators," indications of tactics about tactics, tools and techniques used by bad people may indicate an attempt or successful intervention.
Wipro says it has more than 170,000 employees helping clients across six continents to Fortune 500 customers in healthcare, banking, communication and other industries. In March 2018, Wipro said it had passed $ 8 billion in annual revenue on IT services.
Clear violation comes in the transfer of fortunes to Wipro. On March 5, the State of Nebraska suddenly canceled the Wipro contract after spending $ 6 million in the company. In September 2018, Nebraska's Department of Health and Human Services provided a stop-and-desist letter to Wipro, who ordered to stop the work on upgrading the state's Medicaid enrollment system, and to remove its state offices. In August 2018, Wipro paid $ 75 million to meet a case in a law enforcement spree reported worth hundreds of millions of dollars by the National Grid US to fix.
Another strange, if not only intentional, development: On April 4, 2019, the Indian government sold the "enemy" at Wipro worth about $ 166 million. According to this article in The Business Standard the enemy shares are called because they were originally held by people who moved to Pakistan or China and not Indian citizens. "The shares, held by the Custodian of Property Property for India, are sold at Rs 259 each at the Bombay Stock Exchange," reported Business Standard. "Buyers are owned by the state of Life Insurance Corporation of India (LIC), New India Assurance and General Insurance Corporation. Wipro expects to report their quarter-earnings report on Tuesday, April 16th (PDF ).
Tags: Wipro data breach
You can skip to the end and leave a comment. Pinging is currently not allowed.