Citrix Internal Network Hacked: Unknown Hackers Accessed the Most Sensitive Data for 6 Months

Jun 04, 2019
Posted by Cyber Security

Citrix, the popular enterprise software company that provides services to the U.S. military, the FBI, many U.S. corporations, and various U.S. government agencies, has finally confirmed that cybercriminals successfully compromised its internal network, accessed the most sensitive files, and removed them from its network during the security breach that was reported in March.

Citrix Systems, Inc. is a well-known software company that provides server, application, and desktop virtualization, networking, software as a service, and cloud computing technologies for NASA, the FBI, and others.

Citrix suffered an enormous data breach, and the organization believed that the attackers may have stolen around 6 TB to 10 TB of data.

In March, when the FBI informed Citrix of this incident, it was believed that an Iran-based organized cybercrime group called Iridium may have stolen around 6-10 TB of highly sensitive data, comprising project data for the aerospace industry, the FBI, NASA, and Saudi Arabia’s state-owned oil company.

IRIDIUM is an Iranian-linked hacking group that was also behind recent cyberattacks against more than 200 government agencies around the world, oil and gas companies, technology companies, and other targets.

IRIDIUM's proprietary techniques include bypassing multi-factor authentication for critical applications and services to gain further unauthorized access to VPN channels and SSO (Single Sign-On).

However, the FBI believes that the miscreants likely used a “password spraying” attack, in which the attackers guessed weak passwords to gain an early foothold in the company’s network in order to launch more extensive attacks.

“While not confirmed, the FBI has advised that the hackers likely used a tactic known as password spraying, a technique that exploits weak passwords. Once they gained a foothold with limited access, they worked to circumvent additional layers of security,” Citrix said in a blog post.
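In authentication logs, password spraying shows up as one source failing against many different accounts with only a guess or two per account, which is the opposite shape from a brute-force run against a single account. The following detector is an added example, not code from Citrix, the FBI, or the original article; the event layout, thresholds, IP addresses, and usernames are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, source IP, username, outcome).
# IPs are documentation ranges and usernames are invented.
EVENTS = (
    [(f"2019-01-01T09:0{i}:00", "203.0.113.7", u, "FAIL")
     for i, u in enumerate(["alice", "bob", "carol", "dave", "erin"])]
    + [("2019-01-01T09:05:00", "203.0.113.7", "frank", "OK")]
    # Brute force against one account: many failures, one username.
    + [(f"2019-01-01T10:0{i}:00", "198.51.100.9", "alice", "FAIL") for i in range(6)]
    # Ordinary typo followed by a successful login.
    + [("2019-01-01T11:00:00", "192.0.2.10", "bob", "FAIL"),
       ("2019-01-01T11:00:30", "192.0.2.10", "bob", "OK")]
)

def detect_spray(events, window=timedelta(minutes=30), min_users=5, max_per_user=2):
    """Flag sources whose failed logins hit at least `min_users` distinct
    accounts within `window`, with at most `max_per_user` failures per account.
    Thresholds are assumed values to tune against real baseline traffic."""
    by_src = defaultdict(list)
    for ts, src, user, outcome in events:
        by_src[src].append((datetime.fromisoformat(ts), user, outcome))
    findings = {}
    for src, rows in by_src.items():
        rows.sort()
        fails = [(t, u) for t, u, o in rows if o == "FAIL"]
        for i, (start, _) in enumerate(fails):
            counts = defaultdict(int)
            for t, u in fails[i:]:
                if t - start > window:
                    break
                counts[u] += 1
            if len(counts) >= min_users and max(counts.values()) <= max_per_user:
                # A success from the same source after the spray started is
                # the possible foothold and should be triaged first.
                hits = sorted({u for t, u, o in rows if o == "OK" and t >= start})
                findings[src] = {"targeted": sorted(counts), "succeeded": hits}
                break
    return findings

if __name__ == "__main__":
    for src, info in detect_spray(EVENTS).items():
        print(src, info)
```

Grouping by source IP alone misses sprays distributed across many addresses, so in practice the same counting is also worth running per target application or per time bucket.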

During the attack, the threat actors used a combination of tools, strategies, and techniques that enabled them to conduct a targeted network intrusion and reach the internal network.

After Citrix learned of this incident, it deployed security specialists and quickly launched an investigation.

In this case, the FBI was certain that Citrix had been hacked by international cybercriminals who accessed the internal network and stole sensitive business documents.

Now, Citrix has released another statement, titled “Notice of Data Breach,” to the Office of the Attorney General and to all the Citrix employees who were affected by this data breach.

Based on the investigation report, Citrix confirmed that the cybercriminals had intermittent access to its network between October 13, 2018, and March 8, 2019, and that they removed files from Citrix internal systems.

The stolen data includes information about current and former employees and, in limited cases, information about beneficiaries and/or dependents, including names, Social Security numbers, and financial information.

“So as to discover the arrangement and future counteractive action, Citrix has drawn in driving cyber security firms to help our internal team with its forensic investigation, and is furthermore coordinating with the FBI regarding their examination of the cyber criminals,” Peter Lefkowitz, Chief Privacy and Digital Risk Officer, said.

“Also, and as a precautionary measure, we have organized you, at your choice, to join up with Equifax ID Patrol, a complimentary one-year credit observing, dim web checking, and character reclamation administration. You have until August 31, 2019, to initiate the free,” Citrix added in its announcement.