most Indian IT firms are ill equipped to handle cyberattacks. The recent news of the cyberattack on Wipro seems to have reinforced this belief that most IT companies in India are extremely vulnerable against cyberattacks.
Another report by KrebsOnSecurity confirms that besides Wipro, other IT firms including Infosys, Capgemini, and Cognizant were targeted in the hacking attempt. The news comes after a blog broke the news of cybersecurity breach at Wipro. KrebsOnSecurity’s founder, Brian Krebs has published a blog post explaining the cybersecurity breach.
His blog post reads, “Crooks responsible for launching phishing campaigns in computer systems of Wipro last month appear to have targeted a number of other competing providers.” He further added that third party vendors of these retail, financial, and consulting companies may have been targeted by the attackers.
The leading IT firm, Capgemini has confirmed the news of suspicious activities. The internal security centre (SOC) at Capgemini detected and suspicious activities between March 4 and March 19. The type of attacks showed similar patterns to the attack faced by Wipro.
(Image Credits: The Economic Times)
While taking to ET, Capgemini’s spokesperson said, “This occurred between March 4 and March 19. The activity concentrated on a very limited number of laptops and servers. Immediate remedial action took place. There has been no impact on us or on our clients to date. Since the criminal activity first surfaced earlier this week and following reports that another service provider’s email system was allegedly compromised, Cognizant’s security experts took immediate and appropriate actions including initiating a review.”
Infosys has confirmed that there was no breach in its network. The company has received no indication of any attack from its threat intelligence partners. However, Kreb’s blog post lists number of malicious phishing domains. It states that these are all connected to well-known hosting company in Russia called KingServers.
The subdomains of these phishing domains suggest that attackers have targeted American retailer Sears, Green Dot, prepaid card vendors, payment processing firm Elavon, hosting firm Rockspace, IT provider PCM, Capgemini, Avanade, and others.