Enterprise VPN provider, Citrix, was subjected to a hack which is doubted to have stolen private data pertaining to the company’s technology.
On Friday, Citrix told that FBI informed them about “international cyber criminals” working their way into the organization’s networks.
They were further told that most probably the criminals resorted to the technique of “password spraying” to break into the company’s networks. They did do by appropriately guessing the password to an account which belongs to the company.
The hackers involved are reported to be a part of an Iranian Hacking group which has attacked over 200 companies, along with multiple government agencies, technology firms and gas, and oil companies.
Referenced from a blog post by Resecurity, the cybersecurity firm contacted Citrix in an attempt to warn them about the hack which was on the way.
And, while refraining from telling the origins of the source from where the firm learned of the hack, it said that it “has shared the acquired intelligence with law enforcement and partners for mitigation.”
While FBI denied commenting on the matter, Resecurity drew a connection between the hackers and a nation state, “due to strong targeting on government, military-industrial complex, energy companies, financial institutions and large enterprises involved in critical areas of economy.”
Citrix expressed a probability of business documents being acquired and downloaded by the attackers and told in a notice, “The specific documents that may have been accessed, however, are currently unknown.”
“Citrix has taken action to contain this incident. We commenced a forensic investigation; engaged a leading cybersecurity firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI,” the company further included in the notice.