Citrix data breach highlights risk of poor passwords
Software provider Citrix has revealed it was the victim of a data breach that compromised around 6TB of sensitive data, including emails, blueprints and other business documents that may include customer information.
In a statement, the firm said it had been alerted to the breach by the FBI, which contacted the organisation on March 6th to advise that it had reason to believe the company had been targeted by “international cyber criminals”.
Although the exact details are still unknown, the FBI stated the breach was likely the result of a ‘password spraying’ attack, which gave the attackers a limited foothold in Citrix’s network, from which they worked to circumvent additional layers of security.
In a password spraying attack, the attacker takes a small list of commonly used passwords and tries each one against a large number of accounts, rather than trying many passwords against a single account. Because each account sees only one or two failed attempts, the activity stays below per-account lockout thresholds and is easy to miss if failed logins are only counted per user. Such attacks are particularly likely to succeed against large firms such as Citrix, where the chances are high that at least some employees are using common passwords for their accounts.
It could therefore highlight to other firms the risks they face if they continue to allow the use of weak passwords on their network.
Research conducted by the National Cyber Security Centre (NCSC) last year revealed that three-quarters of firms had accounts with login details that featured in the list of top 1,000 most commonly-used passwords, while 87 per cent had accounts with passwords that featured in the top 10,000.
The NCSC said this suggests that password spraying attacks are likely to have some success against these organisations.
In Citrix’s case, the details of exactly what was compromised are still unclear, but the firm said: “While our investigation is ongoing, based on what we know to date, it appears that the hackers may have accessed and downloaded business documents.
“The specific documents that may have been accessed, however, are currently unknown. At this time, there is no indication that the security of any Citrix product or service was compromised.”
The company added it “deeply regrets the impact this incident may have on affected customers”.