Home » Topics » Cybersecurity » Hackers could’ve gained access to every Citrix customer’s computer – and Citrix didn’t notice a thing

Hackers could’ve gained access to every Citrix customer’s computer – and Citrix didn’t notice a thing

Avatar photoby Ben Rossi

If multi-billion dollar software giant Citrix can let a major hack go under its radar, what hope is there for you? – that seems to be the message behind the latest cyber security attack, in which Russian hacker group w0rm claims to have been able to gain access to the content management system on the Citrix network via an insecure password.

W0rm has previously offered to sell stolen data from the Wall Street Journal,  BBC, Adobe, Vice and CNET, but also runs legitimate penetration testing, putting it somewhere between a blackhat and whitehack hacker. It claims to have undertaken the Citrix hack for altruistic reasons, using its powers to expose the security flaws of big networks.

> See also: Dangerous liaisons: how the Ashley Madison hack ended the age of innocence in cyber security

The hack took place in October and was exposed by security firm Cyberint in Israel, but Elad-Ben Meir, Cyberint's vice president of marketing, told SC Magazine the company failed to respond to repeated attempts to notify it. The hackers themselves also tweeted Citrix with a link to its blog post (in Russian) and received no response.

The group was able to exploit a series of security holes to gain access to the company's administrative system, including the remote assistance system, potentially giving it remote access to thousands of customers' endpoints.

Those endpoints could then be used to steal sensitive information or to hijack as a botnet to run DDoS attacks.

'The truly disturbing thing about this incident is that it shows how easily even very reputable external IT contractors, on whom companies rely to protect their data in the cloud, are vulnerable,' said Meir.

> See also: Go hack yourself: what is white hat hacking and why are businesses turning to it?

Tony Pepper, CEO of security specialist Egress Software, said the incident prompts questions about organisations' ability to effectively deploy information security measures across their business. 

'Furthermore, with new EU regulations now promising to enforce mandatory data breach reporting for all companies, with fines reaching 4% of global revenues for those found in breach, companies need to act now to protect all customer data or else face the consequences,' said Pepper.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Citrix
Data Breach

Related Stories

Cybersecurity

How AI will shift the security landscape in 2024

The impact of AI within cybersecurity is expected to grow significantly this year, says Alex Holland, senior malware analyst at HP

AI & Machine Learning

NCSC releases guidelines for secure AI development

New guidance from the National Cyber Security Centre (NCSC) aims to help businesses securely innovate with AI and minimise risks

Cybersecurity

3 cybersecurity compliance challenges and how to address them

Earning those trust seals can strengthen relationships with board members and prospective customers, but it sure isn’t easy.

Cybersecurity

70% of UK firms reported cyber insurance changes in past year

According to research from Databarracks, seven in 10 UK businesses have seen changes to their cyber insurance in the past 12 months, as requirements rise