Citrix Internal Network Breached – Terabytes of Sensitive Data Stolen by Iranian Hackers
Attackers used a short list of passwords to knock on every digital door to find vulnerable systems in the vendor's network.
The recent cyberattack on enterprise technology provider Citrix Systems using a technique known as password spraying highlights a major problem that passwords pose for companies: Users who select weak passwords or reuse their login credentials on different sites expose their organizations to compromise.
On March 8, Citrix posted a statement confirming that the company's internal network had been breached by hackers who had used password spraying, successfully using a short list of passwords on a wide swath of systems to eventually find a digital key that worked. The company began investigating after being contacted by the FBI on March 6, confirming that the attackers appeared to have downloaded business documents.
Because Citrix provides a variety of services to companies, including a popular remote access service, the attackers could use it as a step into other companies.