Inside the Ink

April 18, 2019

The Wipro Breach: A Demonstration of Third-party and Supply Chain Risk

Advanced phishing and supply chain vulnerabilities – these seem to be the successful attack vectors that hackers have used to compromise Wipro, an Indian multinational corporation that provides information technology, consulting and business process services. Notable security researcher, Brian Krebs, reports confirmation that a nation-state actor had been inside the company’s systems for months, identifying opportunities to attack its vast customer base – currently, at least a dozen of the firm’s clients have been targeted as a direct result of this breach. Additional sources have claimed that Wipro’s corporate e-mail system had also been compromised for some time, forcing the company to build out a new private system. Who’s the Bad Guy? While the attack has not been attributed to a specific group, security researchers note that it bears a resemblance to those launched by the Chinese hacking group APT10 – almost always beginning with a phishing campaign targeted against a third-party partner. The group has a demonstrated history of attacking Managed Service Providers in order to gain access to a larger swath of targets. Last year, the Australian Cyber Security Center blamed APT10 for attacks on at least nine global service providers, and the UK’s National Cyber Security Centre said it is aware of malicious activity currently affecting UK organizations across a broad range of sectors. Takeaways The Wipro breach seems to be a textbook case of exactly how not to handle a breach. Refusal to acknowledge and inconsistencies in what they will acknowledge have done nothing but increase not only confusion in reporting on the incident, but also mistrust in the company. Additionally, it highlights how critical it is that organizations properly protect their assets and address the vulnerabilities inherent to human error. Companies must extend beyond robust network security and incorporate systematic employee training, supply chain security assessment and ongoing monitoring, and third-party security, among other methods of defense. Last October, the FBI warned Managed Service Providers about the increasing occurrence of Chinese hacking groups targeting them specifically. MSPs have unparalleled access to their clients’ networks, so compromising an MSP can give these groups direct access into dozens, hundreds, or even thousands of businesses and their client data. The number one way attackers penetrate networks is with stolen credentials, according to the alert. ID Agent provides a robust suite of services to address the risks highlighted in the Wipro breach. BullPhish ID™ delivers security awareness training and phishing simulations created specifically to help employees recognize and avoid phishing traps like those used to infiltrate Wipro’s systems. Dark Web ID™ monitors the dark web for employee and supply chain credential exposure, which most often results from using those credentials on third-party websites. SpotLight ID™ provides comprehensive personal identity protection and restoration services for employees and customers, mitigating risk and providing peace of mind.

Read More
April 17, 2019

The Week in Breach: 04/09/19 – 04/15/19

This week, phishing scams target US government and healthcare employees, Canadian plane parts are held for ransom, EU citizens are compromised in a UK breach, and 60,000 digital fingerprints find their way to the Dark Web.

Read More
April 15, 2019

Cyber Scams to Avoid This Tax Season

They say nothing is certain except for death and taxes. In 2019, it’s time to add cyber tax scams to the list. The Internal Revenue Service (IRS) has released its annual “Dirty Dozen” list of tax scams – and it’s no surprise that nefarious online schemes top the list. Here are some of the most common (and clever) techniques that hackers are using to defraud Americans of their personal information and hard-earned income.

Read More
April 11, 2019

The Week in Breach: 04/02/19 – 04/08/19

This week, ransomware shuts down a US medical practice, freshmen hack their school’s Wi-Fi to avoid tests, Canadian pension plans go missing, Irish healthcare group is scammed, and UConn is hit with a $5M data breach lawsuit.

Read More
April 03, 2019

The Week in Breach: 03/27/19 – 04/01/19

This week, US healthcare provider gets breached 3 times, third-party ransomware parks Canadian agency for days, hackers steal French gas, and last year’s Facebook breach in Australia nearly doubles in size.

Read More
March 27, 2019

The Week in Breach: 03/19/19 – 03/26/19

This week, a Dutch academic publisher is exposed, US sleep companies snooze on payment fraud, UK police face ransomware attack and Uber might be spying on us (again)…

Read More
March 20, 2019

The Week in Breach: 03/12/19 – 03/18/19

This week, US students hack into school, Canadian alcohol gets held for ransom(ware), New Zealand outdoors retailer is exposed, and data doesn’t expire on the Dark Web.

Read More
March 13, 2019

The Week in Breach: 03/05/19 – 03/11/19

This week, US surgeons pay cyber ransom, Canadian universities come under attack, a UK charity is breached, and healthcare gets hit hard by hackers.

Read More
March 07, 2019

The Week in Breach: 02/24/19 – 03/04/19

This week, Topps gets form-jacked, Canadian government employee is robbed of patient data, UK adoption service accidentally leaks sensitive information, and records in New Zealand are “blown away.”

Read More
February 28, 2019

The Week in Breach: 02/16/19 – 02/23/19

In the news this week: highly-sensitive medical conversations accessed from a Swedish health phone line, rogue politicians stir up data breach anarchy in the U.K., restaurant customer credit cards exposed across 100+ establishments in 9 U.S. states, and an Australian hospital faced with ransom demands to unlock stolen files.

Read More

Please fill in the form below to subscribe to our blog