cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rsowell
Viewer II

Any Intelligence Around the Wipro Breach?

Anyone getting any details around the Wipro breach other than what was released by Krebs?

 

 

6 Replies
Beads
Advocate I

Closed intelligence, meaning I cannot say from where, indicates the use of a number of open source tools used in the attack by what appears to be a nation state actor (of your choice). Also expect to see any number of related organizations working with WiPro or similar to have been affected.

 

Really, we don't publicly know much as WiPro is being very tight-lipped about the incident. From the outside it appears from list of detected tools, thus far, the victims were really caught not paying much attention or the tools involved were used in some very novel ways.

 

Sorry for being so cryptic, but I am using private sources. I expect this story to have some real long legs. When we determine the final target industry we will have a much better idea as to who is behind these attacks. Plural if not numerous attacks.

 

- b/eads

HTCPCP-TEA
Contributor I

Wipro confirmed that they were investigating some "Abnormal activity in a few employee accounts on our network...."

 

There are also reports that they are bringing in an independent forensic firm to help them investigate. 

 

The communications around the whole situation are ridiculously quiet, while they do their investigation, which could mean it's a "nothing" issues, or a significant one that they want tidied up prior to the media flurry. 

 

After all, they are meant to be reporting their fourth quarter earnings today, so there are more important things to worry about, right?

 

The Wipro website is showing zero in terms of the alleged incident. I wonder if the UK's ICO is looking at this? or worse still, what if the GDPR police smell something....


 

 

 

 

rsowell
Viewer II

Thank you both for the input.

Beads
Advocate I

Most of what I know from closed sources is either from work or a "private" discussion board that I wormed my way into a year and a half ago.

 

Not seeing much released on this outside of WiPros new CISO which I want to send him the business card of a good PR person I am acquainted - this guy needs it.

 

- b/eads

HTCPCP-TEA
Contributor I

I'd have to agree. 

 

Truthfully, I think I'd do a better job on their PR than they are currently doing. 

 

 

iluom
Contributor II