Hackers breach internal Citrix network Credit: David BeatzCreative Commons

Hackers breach internal Citrix network

The internal network of Citrix has been breached by a group of hackers, believed to be international cyber criminals, following an alert from the FBI.

Involving unauthorised access, the software vendor was made aware of the breach on 6 March, leading to a public disclosure of the incident.

“Citrix has taken action to contain this incident,” said Stan Black, CISO at Citrix. “We commenced a forensic investigation; engaged a leading cyber security firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI.”

While not confirmed, Black said the FBI has advised that the hackers likely used a tactic known as "password spraying", a technique that exploits weak passwords.

“Once they gained a foothold with limited access, they worked to circumvent additional layers of security,” said Black, via a company statement. “Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly.

“In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information.”

With the investigation still on ongoing, based on current information, Black acknowledged that the hackers “may have” accessed and downloaded business documents.

“The specific documents that may have been accessed, however, are currently unknown,” Black added. “At this time, there is no indication that the security of any Citrix product or service was compromised.

"Citrix deeply regrets the impact this incident may have on affected customers. Citrix is committed to updating customers with more information as the investigation proceeds, and to continuing to work with the relevant law enforcement authorities.”


« NetApp sneaks past IBM as storage market heats up


Hackers use Slack to hide malware communications »
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail


Do you think your smartphone is making you a workaholic?