Indian BPO Vendor Wipro Hacked
Brian Krebs reported that Indian mega-outsourcer Wipro was hacked. Apparently Wipro’s systems were being used to launch attacks against Wipro’s customers.
Wipro’s PR police said that they are investigating. I am sure that they are.
Given that Wipro’s customers likely trust Wipro, it is a good launchpad for attacks against their customers.
When Brian (Krebs) reached out to Wipro communications head, he said that he was out of town and needed a few days to investigate. Really?
Wipro finally responded with this:
“Wipro has a multilayer security system,” the company wrote. “The company has robust internal processes and a system of advanced security technology in place to detect phishing attempts and protect itself from such attacks. We constantly monitor our entire infrastructure at heightened level of alertness to deal with any potential cyber threat.”
Somehow they thought this was a good response to the question about whether they had been hacked. Source: Brian Krebs.
Now Wipro is confirming that, in spite of their wonderful “multilayer security system”, they were, in fact, hacked.
They are saying “We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign…” All it takes to target your customer is ONE compromised account.
I am glad that they fell for an advanced attack and not just a plain vanilla one. I am sure that you have noticed that the definition of an advanced attack is any attack that someone fell for.
As a customer of an outsourcer, you have a trust relationship with that company, They have your data and probably access to your systems. You are much less likely to question an email received from your outsource vendor as a potential phishing attack.
I know I probably sound like a broken record, but ….
Supply chain risk!
Vendor cyber risk management!
The hackers used Wipro to attack a number of their customers.
Wipro is certainly not the first BPO to be hacked and likely not the last, so you as a customer need to make sure that your vendors have an acceptable cyber risk management program. This includes managing the risk of your vendor’s vendors.
What they have not said yet (and I am sure that it will come out) is which of Wipro’s customers the attackers went after and were those attacks successful. I bet that at least some of them were. Source: Economic Times of India.