Breaking Down The Wipro Breach — And What It Means For Supply Chain Security
Various reports suggest that Indian IT outsourcing and consulting services giant Wipro has experienced a significant breach affecting some of the companies it provides services to. Krebs On Security first reported the breach, based on accounts from various sources claiming that state-backed hackers had been lurking on Wipro’s network for months and that the threat actors had used their presence on Wipro’s network to attack at least 12 of its customers, which would make it a supply-chain attack.
Wipro has acknowledged that it is investigating the breach and has detected “potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign.” The firm says it has taken steps to eliminate the threat. While the threat actors have not yet been identified, some experts suggest that it could be the work of APT10 (aka Red Apollo, Stone Panda and MenuPass), an advanced persistent threat group with ties to the Chinese government that is known to use phishing campaigns in order to target managed service providers.
Security researchers point out that the incident shows how careless outsourcing of IT services puts companies at risk of supply-chain attacks. As more and more companies embrace IT outsourcing, the risk of supply-chain attacks will continue to grow unless firms start prioritizing security as part of their outsourcing strategy.