Security Market Segment LS
Saturday, 09 March 2019 06:19

Citrix says internal network breached, business docs stolen Featured

Citrix chief security and information officer Stan Black. Citrix chief security and information officer Stan Black. Courtesy

Multinational software company Citrix Systems says its internal network has been penetrated by "international cyber criminals" who managed to access and steal business documents.

Citrix provides server, application and desktop virtualisation, networking, software as a service, and cloud computing technologies. Among its clients are some 98% of the Fortune 500, according to its own website.

A blog post authored by Stan Black, chief security and information officer, said the company, which has headquarters in both Florida and California, had been told by the FBI on 6 March of the intrusion.

He said the specific documents that may have been accessed, however, were currently unknown, adding that there was no indication that the security of any Citrix product or service had been compromised.

Ex-NSA hacker Jake Williams told iTWire that one of the biggest takeaways from the Citrix statement was that it did not appear that the company had access logging on its file servers, given that it was unable to say specifically what was taken.

"If we take Citrix at their word, this appears to be more of an espionage case than a supply chain attack," said Williams who now runs his own information security outfit, Rendition Infosec.

Black wrote that the FBI had informed the company that the attackers had probably used a tactic known as password spraying, a technique that exploits weak passwords, to gain entry.

"Once they gained a foothold with limited access, they worked to circumvent additional layers of security," he wrote.

He said the company had started a forensic investigation and engaged an unspecified "leading cyber security firm" to help.

"[We] took actions to secure our internal network; and continue to co-operate with the FBI," Black added, promising the company would provide updates on the investigation as information came to hand.

In January, it reported revenue of US$802 million for the final quarter of the fiscal year that ended on 31 December 2018. Profits were listed as US$166 million.

The company's share price fell by about 3% on news of the breach, according to Reuters.


You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer


QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments