5 Companies That Had A Rough Week

For the week ending April 19, CRN looks at IT companies that were unfortunate, unsuccessful or just didn't make good decisions.


The Week Ending April 19

Topping this week's roundup of those having a rough week is Wipro for dealing with the fallout of a reported hacking attack of its IT systems.

Also making the list this week are Cisco Systems for scrambling to fix a critical vulnerability in one of its router products; Fortinet for paying a settlement to solve a whistleblower lawsuit; Google Fiber for paying $3.84 million to clean up a construction mess in Louisville, Ky.; and Samsung for reports of early problems with its Galaxy Fold folding screen smartphones.

Sponsored post

Not everyone in the IT industry was having a rough go of it this week. For a rundown of companies that made smart decisions, executed savvy strategic moves—or just had good luck—check out this week's 5 Companies That Came To Win roundup.

Wipro Breached, Used As Launching Point For Customer Attacks

IT outsourcing giant Wipro scrambled this week to deal with the fallout from reports that its own IT systems were hacked and used to launch attacks against some of the company's customers.

Wipro's systems, according to a report from KrebsOnSecurity, indicated that Wipro's systems are being used as a jumping off point for targeting at least a dozen client systems.

While Wipro acknowledged the attack on Tuesday, both in a statement and on an earnings call, the company has provided little information about the attack, including what, if any, information has been compromised.

Wipro is alerting concerned clients about specific indications that might signal an attempted or successful intrusion, according to the report. The company is also currently building out a new private email network because the intruders are believed to have compromised the company's corporate email system for quite some time.

Later in the week a KrebsOnSecurity report said the same attackers that hit Wipro also targeted Avanade, Capgemini, Cognizant, Infosys, PCM, Rackspace and Slalom.

Cisco Security Alert Urges Patch Of Critical Router Flaw

Cisco Systems scrambled this week to develop and release a patch to fix a critical flaw in its ASR 9000 Series Aggregation Services Routers that could result in a denial-of-service attack or remote unauthenticated access to the device.

The ASR flaw was the most severe of 29 vulnerabilities disclosed by Cisco this week with a severity rating of 9.8 out of 10. If not fixed, Cisco warned in a security bulletin, the flaw could be exploited remotely without user credentials.

The vulnerability is due to incorrect isolation of the secondary management interface from internal sysadmin applications, according to Cisco. The company issued a software update Wednesday to address the vulnerability and urged customers to install the update immediately.

Fortinet To Pay $545,000K To Settle Claim That Former Employee Defrauded Feds

Security tech developer Fortinet has agreed to a $545,000 settlement after acknowledging that a former employee had product labels changed to make the items appear compliant with federal procurement law.

Between January 2009 and fall 2016 a now-terminated Fortinet employee responsible for supply chain management directed certain employees and contractors to alter product labels so that no country of origin was listed or included the phrases "Designed in the United States and Canada" or "Assembled in the United States."

Some of the products with changed labels were resold through distributors and resellers to U.S. government customers, making them appear to comply with the Trade Agreements Act (TAA), which mandates that products under government contracts be manufactured or "substantially transformed" in the U.S. or another designated country."

The agreement settled a January 2016 lawsuit against Fortinet by the U.S. government and whistleblower Yuxin "Jay" Fang, a former logistics specialist in Fortinet's Vancouver offices. Fang accused Fortinet of certifying that all its products were manufactured in TAA-designated countries, when in fact some were made in non-designated countries, including China.

Fortinet agreed to settle the case, saying the actions by the "rogue former employee" were in clear violation of company policy. The company cooperated with the government's investigation and shared the results of its own internal investigation into the matter.

Google To Pay Louisville $3.84 Million To Clean Up After Failed Fiber Experiment

Google Fiber will pay $3.84 million to the city of Louisville, Ky., to restore roads and other public infrastructure after the company's use of an experimental construction method to install fiber communications lines made a mess.

Louisville was one of a dozen cities where, to great fanfare, Google Fiber planned to bring broadband internet and IPTV services to consumers using advanced fiber communications technology. To speed up the installation in Louisville, Google Fiber used an experimental construction method that involved "placing fiber in much shallower trenches" than elsewhere, as Google Fiber described it in a Feb. 7, 2019, statement.

Within several months of installing fiber cables using the "microtrenching" method, cables began popping out and lying exposed on the streets. While the Louisville service went live in October 2017, it soon became clear that Google would have to essentially rebuild the entire fiber network and on Feb. 7 the company announced that it was shutting off the service on April 15 and leaving the city.

This week the Louisville Metro Government announced that Google Fiber had agreed to pay $3.84 million to clean up the mess, restoring infrastructure such as roads and other public rights-of-way that were damaged by the fiber project. The money will cover the removal of fiber cables and sealant from roads, road milling and paving where needed, and removal of above-ground infrastructure.

Samsung To Investigate Reports Of Problems With Samsung's Galaxy Fold

Journalists and tech product reviewers who began using the much-hyped Samsung Galaxy Fold folding screen smartphones have reported problems by posting photos of the devices with broken screens.

The devices, which are expected to sell for nearly $2,000, aren't generally available for consumers yet. They are slated to ship April 26. But the reports are disconcerningly reminiscent of the disaster Samsung faced in 2016 with the Galaxy Note 7 that experienced problems with overheating and, in some cases, catching fire.

This week reports of broken screens began cropping up on multiple websites including Androidcentral, The Verge, CNBC and USA Today. A major part of the problem appears to be that users are removing a plastic covering from the screen, even though it's supposed to stay on, apparently thinking it is part of the device's protective packaging. Other problems appear to be related to the screen's fragility.

On Thursday a Samsung spokesman told ABC News that the company will investigate the report and "thoroughly inspect" the damaged devices to determine the cause of the problem.