
Citrix Compromised, Data Stolen

Accepted submission by RandomFactor at 2019-03-09 17:12:34 from the misunderstanding the directionality of 'remote access' dept.
Security

According to information security firm Resecurity [resecurity.com], hackers in the Iranian backed IRIDIUM hacking group made off with at least 6TB worth of internal Citrix data [theregister.co.uk].

The breach occurred in December. The Register describes the intruders as

lifting emails, blueprints, and other documents, after bypassing multi-factor login systems and slipping into Citrix's VPNs.

This hacking group has been extremely active and

IRIDIUM "has hit more than 200 government agencies, oil and gas companies, and technology companies including Citrix."

According to a statement [citrix.com] by Citrix's CISO (Chief Information Security Officer) Stan Black:

"While our investigation is ongoing, based on what we know to date, it appears that the hackers may have accessed and downloaded business documents," Black said. "The specific documents that may have been accessed, however, are currently unknown."

At this point, Citrix reckons the intrusion was limited to its corporate network, and thus believes customer records and data were not stolen nor touched.

How did they get in - Password Spraying [infosecinstitute.com]

While not confirmed, the FBI has advised that the hackers likely used a tactic known as password spraying, a technique that exploits weak passwords. Once they gained a foothold with limited access, they worked to circumvent additional layers of security.

I know nothing of Citrix's network; however, this sort of attack is typically mitigated by Multi Factor Authentication [wikipedia.org]. If you aren't using it to secure external entry to a corporate network with thousands of users, you are trivially easy prey for this sort of attack.

If all goes true to form, Citrix will likely be spending a lot of money over the next few years and, for a time, taking recommendations from its security teams to heart to keep this from happening again.

The real question is whether Citrix will make enough progress before things tighten back up. Large companies seem to get basically one free pass with this sort of thing if they handle it right. It starts to become existential if it keeps happening, however.
