Iranian-backed hackers have managed to steal vast amount of data from Citrix which handles sensitive projects for the White House communications agency, the US military, the FBI and many US businesses.
The US-based software company came under attack in December and again last week according to the cybersecurity firm Resecurity which first notified the company and law enforcement agencies regarding the attacks.
The assault on Citrix was carried out by the Iranian hacking group Iridium which employed brute force attacks to guess the firm’s passwords. According to Resecurity’s president Charles Yoo, Iridium was also behind recent cyberattacks against a number of government agencies, oil and gas companies as well as other targets.
The hackers were able to extract at least six terabytes of data and possibly up to 10 terabytes of data during the two attacks on Citrix where compromised employee accounts were used to gain access to its data.
While evidence that the hackers were able to breach US government networks has not been found yet, the attacks show how an attacker could potentially obtain sensitive government information through a third-party such as Citrix.
According to a statement from the company, the FBI informed its leadership that the firm had come under attack from “international cybercriminals” and that it was currently taking action “to contain this incident”, saying:
“While our investigation is ongoing, based on what we know to date, it appears that the hackers may have accessed and downloaded business documents. The specific documents that may have been accessed, however, are currently unknown. At this time, there is no indication that the security of any Citrix product or service was compromised.”
Citrix has not yet released many important details related to the attack such as the time period over which it occurred or how many employee accounts may have been compromised.
Via NBC News
- Keep your systems protected from the latest cyber threats with the best antivirus