According to Resecurity president Charles Yoo, Citrix has been the victim of an absolutely epic hack where as much as 10 TB of data might have been stolen. Apparently the hack was focused on assets related to NASA, aerospace contracts, Saudi Arabia’s state oil company and the FBI. And Citrix CSIO Stan Black has written a blog post confirming the attack. Here’s the kicker, the hackers, who are tied to the Iranian government, used a technique called “password spraying” where attackers guess at weak passwords, and then work their way up to bigger attacks once inside. And speaking of being inside, the hackers might have been inside the Citrix network for as much as a decade before swiping all that data.
Yikes.
The FBI is investigating and I am sure given what is known about this hack, heads inside the IT department should (if there is any decency in the world) be rolling as I type this. I say that because it’s one thing to be pwned by hackers. But it’s another thing entirely to be pwned for a decade without anyone noticing. That my friends illustrates that someone inside the Citrix IT department was truly asleep at the switch.
Related
This entry was posted on March 11, 2019 at 11:25 am and is filed under Commentary with tags Citrix, Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Citrix Pwned….. Iran Connected Hackers May Have Scooped Up 10TB Of Data
According to Resecurity president Charles Yoo, Citrix has been the victim of an absolutely epic hack where as much as 10 TB of data might have been stolen. Apparently the hack was focused on assets related to NASA, aerospace contracts, Saudi Arabia’s state oil company and the FBI. And Citrix CSIO Stan Black has written a blog post confirming the attack. Here’s the kicker, the hackers, who are tied to the Iranian government, used a technique called “password spraying” where attackers guess at weak passwords, and then work their way up to bigger attacks once inside. And speaking of being inside, the hackers might have been inside the Citrix network for as much as a decade before swiping all that data.
Yikes.
The FBI is investigating and I am sure given what is known about this hack, heads inside the IT department should (if there is any decency in the world) be rolling as I type this. I say that because it’s one thing to be pwned by hackers. But it’s another thing entirely to be pwned for a decade without anyone noticing. That my friends illustrates that someone inside the Citrix IT department was truly asleep at the switch.
Share this:
Like this:
Related
This entry was posted on March 11, 2019 at 11:25 am and is filed under Commentary with tags Citrix, Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.