Wipro recently faced a severe cyber phishing attack on it’s high-priority customer systems via email breach. Reports suggest that the company’s IT security department was already aware of their mail system rift, and while they were trying to counter its affects by building secure private email network the hackers initiated another attack causing a large-scale disruption.
The attack in effect raised a subject of discussion among the industry leaders regarding the current state of cyber security in modern day enterprise world. Experts believe that there’s a dire need to advance existing cyber security protocols and employ latest technological solutions to stay one step ahead of global hacking community.
Few thoughts presented by Industry leaders regarding the attack and counter measures required.
“It is of utmost importance to educate employees for phishing attacks, experience mock attacks, develop a security policy that includes but isn’t limited to password expiration and complexity and keep sensitive Data encrypted as much as possible.” Said Dr Ajay Data, CEO, Data Xgen Technologies. He further stated that “Employees possess credentials and overall knowledge that is critical to the success of a breach of the company’s security. One of the ways in which an intruder obtains this protected information is via phishing. The purpose of phishing is to collect sensitive information with the intention of using that information to gain access to otherwise protected data.”
In the words of Mr. Neelesh Kriplani, Senior VP and Head, Clover Infotech, “The approach towards cyber security threats needs to be proactive rather than reactive.” He also went on to suggest few improvements in the security system by stating that “It is imperative for organizations to stay ahead of the game against the hackers, and we as the MSP play an important role in ensuring the same. We recommend implementation of Database Activity Monitoring (DAM) solutions to monitor database traffic for detection and blocking of threats. We conduct regular VAPT tests and ensure corrective actions are taken up in real-time. In addition, we implement data security features such as redaction, masking, database vault, encryption etc. to ensure that sensitive data is protected. For cloud environment, we suggest to implement role based access so that the administration privileges do not stay with single user account. Additionally, we recommend implementation of cloud access security management tools for greater security control and access visibility of SaaS and PaaS solutions”.
Rajiv Singh, Senior V.P. & Global Head of Enterprise Security & Risk Management, Tech Mahindra also had his word on the attack. He stated that, “E-mail is a universal way of communicating on internet. If you are on the internet, you need to have an email addresses, these are our internet IDs. These email IDs lets us sign up for things, receive notifications, and communicate with each other. However, e-mail attachments are the primary reason for malware installation. Employees, whether maliciously or unwittingly, can render a company vulnerable via email. If the data contains sensitive information, then the organization could incur mitigation costs.”
If reports are to believed, a cybersecurity blog, KrebsOnSecurity already warned the officials about the vulnerability in system. In an official statement the blog owners said “Wipro was dealing with a multi-month intrusion from an assumed state-sponsored attacker and that Wipro’s systems were seen being used as jumping-off points for digital fishing expeditions targeting at least a dozen Wipro customer systems.”
Post the attack, Wipro took to the microblogging site, Twitter, and confirmed the attack. They wrote “We came to know of a potentially abnormal activity within our network, about a week back, in respect of few of our employee accounts, who were subjected to an advanced phishing campaign.”
Wipro official have stated that “We have used our industry-leading cyber security practices and partner ecosystems for these steps. We are collaborating with our partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture. We continue to monitor our enterprise and infrastructure at a heightened level of alertness.”