Citrix Systems‘ internal network was hacked by international cybercriminals that may have accessed and downloaded business documents. The company acknowledged the hack in a blog post last Friday.
Stan Black, the chief security and information officer at Citrix, wrote that the company was contacted by the FBI last Wednesday. The FBI told Citrix that it had reason to believe there was a successful attack on the company’s network by foreign parties.
According to Black, no Citrix products or services were compromised. “It appears that the hackers may have accessed and downloaded business documents. The specific documents that may have been accessed, however, are currently unknown,” Black wrote. He noted that the investigation into the hacks is ongoing.
In the fallout from the attack, Citrix said it has taken action by: starting a forensic investigation; hiring a cybersecurity firm to assist the company; taking steps to secure its internal network; and by continuing to cooperate with the FBI.
Black said that, while not yet confirmed, the FBI believes a technique called password spraying was used to gain access. Password spraying refers to a tactic used by hackers to exploit weak passwords. Once the hacker gains a foothold with limited access they can get around the additional layers of security.
“Citrix deeply regrets the impact this incident may have on affected customers,” wrote Black. He noted that Citrix will continue to post updates and work with law enforcement on understanding the details of the breach.
Last week, only a few days before it was contacted by the FBI, Citrix made several updates to its SD-WAN product to make it more secure.
Source: sdxcentral
Sign up our newsletter for update information, insight and promotion.
