The advanced phishing attack on Wipro proves why the is email still so vulnerable. While the enterprise employs new technology to keep its data secure, hackers continue to find, attack and exploit the weak spots.
Wipro has recently been the target of an advanced phishing attack. It was reported that Wipro was aware that its email systems have been breached by hackers to target its customer systems and the company was in the process of building a new private email network for the employees. The attack came, when the company was trying to recover from the breach.
[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f9f9f9″]
“It is of utmost importance to educate employees for phishing attacks, experience mock attacks, develop a security policy that includes but isn’t limited to password expiration and complexity and keep sensitive Data encrypted as much as possible.”
Dr Ajay Data
CEO
Data Xgen Technologies
[/quote]
“We came to know of a potentially abnormal activity within our network, about a week back, in respect of few of our employee accounts, who were subjected to an advanced phishing campaign.” Wipro posted a statement on its official Twitter Account.
The data breach was first reported by a cybersecurity blog, KrebsOnSecurity. According to this platform, Wipro was “dealing with a multi-month intrusion from an assumed state-sponsored attacker and that Wipro’s systems were seen being used as jumping-off points for digital fishing expeditions targeting at least a dozen Wipro customer systems.”
[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f9f9f9″]
“The approach towards cyber security threats needs to be proactive rather than reactive.”
Neelesh Kripalani
Senior VP and Head
Clover Infotech
[/quote]
Commenting on the immediate steps taken to tackle the attack, Wipro stated, “We have used our industry-leading cyber security practices and partner ecosystems for these steps. We are collaborating with our partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture. We continue to monitor our enterprise and infrastructure at a heightened level of alertness.”
As soon as the attack was identified, Wipro took prompt action and set off a forensic investigation into the matter. It also took quick remedial actions by identifying the affected users and taking the necessary steps to containing and mitigating the potential impact of the breach.
“We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness,” Wipro added.
[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f9f9f9″]
“They are the most sensitive and important record of our personal data which can be easily compromised, as a result of e-mail ID breaches.”
Rajiv Singh
Senior V.P. & Global Head of Enterprise Security
& Risk Management
Tech Mahindra
[/quote]
Commenting on the Phishing and cyber-attacks on Wipro’s systems, Dr Ajay Data, CEO, Data Xgen Technologies said “Employees possess credentials and overall knowledge that is critical to the success of a breach of the company’s security. One of the ways in which an intruder obtains this protected information is via phishing. The purpose of phishing is to collect sensitive information with the intention of using that information to gain access to otherwise protected data.”
The Wipro incident surely raises questions on how secure is the enterprise market? Though, security has always been a major concern of the business, it has taken a new dimension in the age of interconnectivity. An attack of this scale, then not just has the potential to compromise the information of the company or the employees, but also of their clients and customers. There is an unavoidable ripple effect at work here.
Addressing the vulnerability of the Email, Rajiv Singh, Senior V.P. & Global Head of Enterprise Security & Risk Management, Tech Mahindra said “E-mail is a universal way of communicating on internet. If you are on the internet, you need to have an email addresses, these are our internet IDs. These email IDs lets us sign up for things, receive notifications, and communicate with each other. However, e-mail attachments are the primary reason for malware installation. Employees, whether maliciously or unwittingly, can render a company vulnerable via email. If the data contains sensitive information, then the organization could incur mitigation costs.”
Offering advice on what can people can do in case of a data breach, Neelesh Kripalani, Senior VP and Head, Center of Excellence (CoE), Clover Infotech said “It is imperative for organizations to stay ahead of the game against the hackers, and we as the MSP play an important role in ensuring the same. We recommend implementation of Database Activity Monitoring (DAM) solutions to monitor database traffic for detection and blocking of threats. We conduct regular VAPT tests and ensure corrective actions are taken up in real-time. In addition, we implement data security features such as redaction, masking, database vault, encryption etc. to ensure that sensitive data is protected. For cloud environment, we suggest to implement role based access so that the administration privileges do not stay with single user account. Additionally, we recommend implementation of cloud access security management tools for greater security control and access visibility of SaaS and PaaS solutions”.