Hackers breach internal Citrix network Credit: David BeatzCreative Commons
Security

Hackers breach internal Citrix network

The internal network of Citrix has been breached by a group of hackers, believed to be international cyber criminals, following an alert from the FBI.

Involving unauthorised access, the software vendor was made aware of the breach on 6 March, leading to a public disclosure of the incident.

“Citrix has taken action to contain this incident,” said Stan Black, CISO at Citrix. “We commenced a forensic investigation; engaged a leading cyber security firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI.”

While not confirmed, Black said the FBI has advised that the hackers likely used a tactic known as "password spraying", a technique that exploits weak passwords.

“Once they gained a foothold with limited access, they worked to circumvent additional layers of security,” said Black, via a company statement. “Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly.

“In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information.”

With the investigation still on ongoing, based on current information, Black acknowledged that the hackers “may have” accessed and downloaded business documents.

“The specific documents that may have been accessed, however, are currently unknown,” Black added. “At this time, there is no indication that the security of any Citrix product or service was compromised.

"Citrix deeply regrets the impact this incident may have on affected customers. Citrix is committed to updating customers with more information as the investigation proceeds, and to continuing to work with the relevant law enforcement authorities.”

PREVIOUS ARTICLE

« NetApp sneaks past IBM as storage market heats up

NEXT ARTICLE

Hackers use Slack to hide malware communications »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies

Poll

Do you think your smartphone is making you a workaholic?