VPN Provider Citrix Hacked, Up to 6TB of Data Accessed of Internal Network

The enterprise software giant Citrix has suffered a hack that accessed the company’s internal network. It was told by the FBI on last Wednesday that Iranian-backed hackers had accessed Citrix’s IT systems and downloaded business files.

The cyberattack on the company’s network was disclosed last Friday in a post from Citrix’s chief security and information officer, Stan Black.

“On March 6, 2019, the FBI contacted Citrix to advise they had reason to believe that international cyber criminals gained access to the internal Citrix network,” Black said.

He wrote, “It appears that the hackers may have accessed and downloaded business documents. The specific documents that may have been accessed, however, are currently unknown.”

“While not confirmed, the FBI has advised that the hackers likely used a tactic known as password spraying, a technique that exploits weak passwords. Once they gained a foothold with limited access, they worked to circumvent additional layers of security,” the Citrix exec added.

The hackers made use of a combination of tools, techniques and procedures to bypass multi-factor login systems so as to slip into private networks to access email correspondence, files in network shares, and other services used for project management and procurement.

Black said, “Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly.”

Later, a spokesperson for Citrix confirmed Black’s blog. The spokesperson said, “We have no further comment at this time, but as promised, we will provide updates when we have what we believe is credible and actionable information.”

Who were really behind this hack? What data they stole? What’s the consequence? Hope we will get the answers soon.