Mitigate Cyber

6TB Citrix Data Breach

Cloud computing and software company Citrix have recently been the victim of a major cyber attack, with attackers gaining access to what cyber security firm Resecurity claims is ‘at least 6 terabytes of sensitive data stored in the Citrix enterprise network, including e-mail correspondence, files in network shares and other services used for project management and procurement.’

Over 400,000 organisations worldwide, including governments, militaries and as much as 90% of Fortune 500-listed companies, use Citrix products, raising fears of subsequent attacks. The Iran-linked IRIDIUM group have been suggested as possible culprits, although attribution is still in early days. The FBI is currently investigating.

The attackers are believed to have gained access via password spraying, in which common passwords are attempted en masse in the hope of compromising one of many user accounts (as opposed to brute forcing, where a large number of passwords are attempted for a single account). Having gained this initial foothold, the attackers manoeuvered around additional layers of security in order to reach their target.

This is yet another example of the need for better user awareness around the risks of weak passwords, and of the importance of moving beyond passwords as the sole means of authentication. The NCSC have released guidance on mitigating the risk of password spraying attacks.

Latest Articles

HAPPY SECURE NEW YEAR: HERE’S The cyber security trends to watch out for in 2021

It’s fair to say a lot changed in 2020. It was an unprecedented year, full of uncertainty, both economically and politically. 2021 has started much the same, with anytime, anywhere, remote working patterns remaining prevalent in the business world.

We are now, more than ever, reliant on our technology. But with that reliance comes the need to ensure it’s safe and secure usage. Here are the key cyber security trends to watch out for this year.

Read More »
Scroll to Top