The attackers usually target business suppliers like managed service providers and technology vendors to gain access to a business’ corporate network.
Cyberattacks are not uncommon in the digital world.
But in recent years, there has been a spurt in the number of such attacks targeted at information technology (IT) services companies globally as well as in India, thus denting the industry’s image.
Most of the top-tier IT services firms in India such as Tata Consultancy Services (TCS), Infosys, and Wipro look at cybersecurity as an emerging area of opportunity and provide security as a service to many global clients.
According to experts, despite cybersecurity being a top concern for these organisations, there is only so much they can do to escape cybercriminals.
Raja Lahiri, partner, Grant Thornton India, noted that cybersecurity is a space populated by many different players - from technology service providers and consulting companies to even niche players.
The market opportunity is growing and is expected to be big.
“While companies invest heavily in cybersecurity and make it a top priority, some events of cybersecurity breaches are likely to happen, and these are not limited to IT companies alone.
“As in the case of general data protection regulation compliance, companies do their best to ensure the most robust security practices are in place for their clients,” says Lahiri.
A recent Reuters report noted that at least six technology service providers, including Fujitsu, TCS, NTT Data, Dimension Data, Computer Sciences Corporation, and DXC Technology, were compromised in a global hacking campaign between 2014 and 2017, known as Cloud Hopper and attributed to China by the US and its western allies.
Earlier in April, cybersecurity blog KrebsOnSecurity reported a breach in Wipro. Citing anonymous sources, it said Wipro’s systems were being used to target at least a dozen customer systems.
Firms like Capgemini and Infosys were also said to be targeted by the same attackers, though these firms had ascertained that they were not breached.
Cybersecurity expert Rohit Srivastwa says the attackers usually target business suppliers like managed service providers and technology vendors to gain access to a business’ corporate network.
“Companies can be on their toes every single moment and yet a single attack is all it takes to damage their credential.
“But the sheer number of clients, employees, and presence of these managed service providers have globally always meant that some minor detail may get overlooked, despite deploying the best automated security tools,” says Srivastwa.
According to Pareekh Jain, a well-known IT outsourcing advisor and founder of Pareekh Consulting, while such attacks will continue to happen, it is the response time to the attack that will determine how far clients trust their IT service providers.
“The cost of security and compliance has been rapidly going up, and for clients it is not much of an option to keep security in-house, especially since they will face the same breaches that large technology providers are dealing with,” says Jain.
Jain also added that this is not likely to impact the IT business as such because security solutions are still a small part of the revenue stream.
Most IT players list their cybersecurity business under new or digital services, which constitutes a smaller but rapidly growing part of the business.
According to Verizon’s 2019 data breach investigation report, there is a growing trend to share and store information within cost-effective cloud-based solutions, which is exposing companies to additional security risks.
An analysis found that there was a substantial shift towards compromise of cloud-based email accounts via the use of stolen credentials.
In addition, publishing errors in the cloud are increasing year-on-year.
Misconfiguration (‘miscellaneous errors’) led to a number of massive, cloud-based file storage breaches, exposing at least 60 million records.
Photograph: Jason Lee/Reuters