top of page

6 Lessons Learned From The Citrix Breach Details of the password spraying cyber attack and what ente

On March 6, 2019, the FBI contacted Citrix to advise they had reason to believe that international cyber criminals gained access to the internal Citrix network, according to Stan Black, CISSP and the CSIO of Citrix.

He wrote in a blog that “Citrix has taken action to contain this incident. We commenced a forensic investigation; engaged a leading cyber security firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI.”

He also wrote that Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly. “In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information.”

Password “Spraying” Cyber Attack

While the FBI is still investigating the details, reported that the Iranian-backed Iridium hacker group hit Citrix in December last year and again this time, stealing at least 6 terabytes of sensitive internal files, including emails, blueprints, and other documents.