Indian IT services provider Wipro has said that it has sought the help of a forensic investigator to probe the hacking on its IT infrastructure that was first reported by online publication KrebsOnSecurity.
According to the report, hackers took control of the company's IT systems and were successful in launching attacks on a few of its clients. It had also said that the company was facing multiple attacks on its systems speculated to be originating from a state-sponsored entity.
However, Wipro has spoken otherwise. “We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign. Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact," BM Bhanumurthy, the firm’s chief operating officer, said, adding that Wipro investigates 4.8 million such alerts yearly.
He added that the company was leveraging its cybersecurity practices and collaborating with its partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture.
“We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness,” he said.
On the other hand, Wipro chief executive Abidali Neemuchwala said that the hacking could be considered a ‘Zero Day’ attack. Such attacks are vulnerabilities in an IT system that has not been safeguarded yet and hackers tend to exploit these vulnerabilities to get inside company systems.
Neemuchwala said that the signature of the attack was identified and shared with its customers as well. According to a report in The Economic Times, the CEO said that Wipro was ready to carry out any contractual obligations as well as provide monetary support for its customers as far as the hack was concerned.
The company in a regulatory filing has also said that it could be liable to pay damages if there is any loss of data for its customers.
Interestingly, the Wipro breach puts enterprise security in focus again. There have been several reports which show that enterprises are still not ready to deal with such attacks.
According to an Accenture report that surveyed 1,700 CXOs globally, only 37% of Indian organisations are very confident in internet security. Globally, the report states that companies could incur $5.2 trillion in additional costs and lost revenue over the next five years due to cyberattacks. This is because enterprises are dependent on complex internet-enabled business models, which outpace the companies’ ability to introduce adequate safeguards to protect critical assets.
It further states that 82% of Indian respondents admit that their organisation is adopting new and emerging technologies faster than they can address related cybersecurity issues. Two-thirds (68%) noted that cybersecurity issues have escaped their control due to new technologies such as the internet of things (IoT) and the industrial internet of things (IIoT).
A majority (81%) also said protecting their companies from weaknesses in third parties is increasingly difficult, the report showed.
According to a Cisco study conducted last year, Indian organisations lost $500,000 in financial damages including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs due to cyberattacks.
In fact, the study suggests that enterprises should look at adopting new technologies to stop cyberattacks. “In today’s zero perimeter world, where data is everywhere, defenders need to relook cybersecurity from strategic point of view. It is important that security adopts new tools like artificial intelligence and machine learning, and incorporate best strategies to mitigate risks,” Vishak Raman, director of security sales, Cisco India and SAARC, had said as part of the study.
Cybersecurity firm Sophos' chief information and security officer Ross McKercher also had said that with cybercriminals constantly on the lookout for weak entry points, the focus needs to shift from protection and detection to intelligent and automated responses that isolate a cyberattack.
Speaking about the Wipro breach, Surendra Singh, senior director and India head of cybersecurity solutions providing firm Forcepoint, said that the cyberattack is deeply concerning and yet not surprising.
“Increasingly sophisticated attacks are being launched on enterprises and government agencies to gain access to critical data and intellectual property. Traditional security approaches for combatting such cyberattacks are no longer effective in today’s digital world," he said.
He added that companies, in order to secure their digital assets, need to understand who is accessing the data and why.
“Organisations should focus on understanding the normal behaviour of legitimate users who have access to critical data. By creating a baseline of normal behaviour, it becomes much easier to know when behaviour changes – signaling an attempted breach or a compromised insider,” he said.
Sanjay Katkar, joint managing director of Quick Heal Technologies warned that the Wipro breach shows that no organisation regardless of its size is immune to cybercriminals and it should be an eye-opener to organisations who still do not take cybersecurity seriously.