IT infrastructure services providers around the world are on high alert after reports emerged that Indian IT services firm Wipro had suffered a cyberattack.
The Bangalore, India-based IT outsourcing firm has confirmed the attack, but dismissed reports that its customer data were ‘compromised’.
The report comes just months after the US Homeland Security department warned that China-based cybercriminals were trying to hack into managed services providers’ (MSP) networks in a bid to steal the business secrets of their US clients.
KrebsOnSecurity, an IT security industry news portal that first disclosed the breach, reported that 11 more companies could have also been attacked.
It went on to say that the attackers may use Wipro’s IT systems to launch attacks against the company’s customers.
Wipro will have to pay a heavy price in damages if it turns out that the attacker stole its customer data.
In a clarification issued to investors, Wirpo said that it became aware of ‘potentially abnormal activity’ within its network about 10 days ago, adding that a few of its employees’ accounts were victims of an ‘advanced phishing’ campaign.
“Upon learning of the above, the company promptly kicked off its standard operating procedure for addressing such incidents. We began investigating the incident, identified and isolated the employee accounts which were impacted, took remedial steps to contain the incident, and mitigate any potential effects of the incident.”
According to the blogpost, the attackers broke into more than 100 Wipro systems and installed ScreenConnect, a remote access tool. There are no confirmed reports of whether the attackers stole customer data.
Wipro has reportedly hired a forensic firm to ‘collect and monitor advanced threat intelligence’ as part of its efforts to enhance its network security.