How SDP Would Have Prevented the Citrix Hack



In a post, Citrix CISO Stan Black confessed that the company had been notified a few days prior by the FBI that it was the victim of a cyber attack. It seems that foreign attackers used a method called password spraying, which targets weak passwords, to breach its network. According to Black, “Once they gained a foothold with limited access, they worked to circumvent additional layers of security.”

Threats to US Intelligence?

According to independent security firm Resecurity®, which first discovered the attack, it appears that Citrix was hacked by an Iranian hacking group called IRIDIUM, which stole between 6 and 10 TB of business documents. They say that Citrix is not the group’s only target: IRIDIUM has recently attacked over 200 organizations, including government agencies and other tech companies.

If all this wasn’t scary enough, Resecurity® says that the attackers may have actually breached the network about 10 years ago and have been lurking silently ever since. Though it doesn’t seem that any customer information was compromised, it is a very disturbing prospect, as both the US Department of Defense and the military use Citrix cloud services. Though there is no cold hard proof yet, it is reasonable to infer that IRIDIUM may have been after government information.

Citrix has launched an ongoing forensic investigation into the... Please continue the article at the source

