Itpa webheader

Citrix attackers lay undetected for 6 months

By Dylan Bushell-Embling
Tuesday, 07 May, 2019

Citrix attackers lay undetected for 6 months

The attackers that had compromised the internal Citrix network lay undetected for around six months prior to the breach being discovered and disclosed in March.

A data breach notice submitted to California’s attorney general by the software company on 29 April states that the attackers appear to have had intermittent access to its network between 13 October and 8 March.

During this time, attackers appear to have removed files which may have included information about both current and former employees — and in some cases, beneficiaries or dependants of these employees. This could include social security numbers and financial information.

Citrix said it has found no indication that the security of any of the company’s products or services were compromised in the attack.

The company added that it has introduced unspecified measures to expel the attackers from its systems, and has found no evidence that the attackers still have access. The company is meanwhile investing in improvements to its internal security.

In a blog post, Citrix Vice President of Corporate Communications Eric Armstrong revealed that the attackers appear to have used password spraying techniques to gain a limited foothold into the network.

Password spraying involves spreading login attempts using commonly used or weak passwords across many accounts in order to avoid detection by threshold alarms.

Citrix has addressed the vulnerability by performing a forced password reset throughout the Citrix corporate network and improving internal password management protocols.

Image credit: © Lintang

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to

Related Articles

Does Australia really have an ICT skills shortage?

Industry complains of the lack of skilled IT staff while at the same time students are flocking...

Australian-led operation takes down hacking tool

The AFP has led an international law enforcement action taking down a website hosting a remote...

Playing into the hands of the criminals

Law enforcement agencies are calling for backdoors to be installed in encryption apps. These...

  • All content Copyright © 2019 Westwick-Farrow Pty Ltd