Wipro and every one of their advertised U.S. aerospace customers are phishable!

I kid you not. After yesterday's 500% increase in hits to the Wipro phishing story (read it here), I started wondering how easy U.S. aerospace companies were to phish. My logic was that even if they obeyed the DOD mandate that every company dealing with the U.S. government implement DHS BOD 18-01 compliance and get FedRAMP certified with DMARC enforcement, having one of their outsourcing suppliers phished pretty well negates their protection. So I went to wiproaerospace.com to see who their American clients were. You can see the list above. So how many of the above would you guess are compliant? Honest, this isn't a trick question. Take a guess.

The answer: ZERO! Not a single damned one. The closest is GKN Aerospace, but they use the morons at dmarcian, who have their DMARC set to "p=none" enforcement. Which means that Wipro and all the listed aerospace clients are open for phishing.

So you're wondering how the Chinese could steal terabytes of F-35 tactical fighter specs? I'm personally wondering why these companies are ignoring the DOD mandate. Come on! Inquiring minds want to know.

My profanity filter won't let me continue to write. My wife came in and yelled at me about my language. Sorry darlin' about turning the air blue with invective.

#wipro #boeing #lockheedmartin #northropgrumman #triumphgroup #spiritaerosystems #gknaerospace #leonardocompany #avcorp #phishing #dmarc #dmarcian


Popular Posts