Citrix, the networking software company, disclosed late last week that its network was infiltrated.
According to Citrix, the company was contacted by the FBI earlier in the week about the incident. The company said it could be the work of international cybercriminals.
In a statement, Citrix said it has taken action to contain the incident. “We commenced a forensic investigation; engaged a leading cybersecurity firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI,” Citrix wrote. “Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly. In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information.”
The company went on to say that although the investigation is ongoing, it appears hackers may have gotten access and downloaded business documents. Citrix said it’s not clear which documents were downloaded. “At this time, there is no indication that the security of any Citrix product or service was compromised,” Citrix went on to say. “While not confirmed, the FBI has advised that the hackers likely used a tactic known as password spraying, a technique that exploits weak passwords. Once they gained a foothold with limited access, they worked to circumvent additional layers of security.” Citrix said it will keep customers updated as the investigation moves ahead and will continue to work with law enforcement. It said it started a forensic investigation, engaged a cybersecurity company and have taken actions to secure its internal network.
The disclosure on the part of Citrix comes at the same time executives at Marriott and Equifax appeared before Congress to discuss lessons learn from their massive data breaches. With the problem increasing in frequency, lawmakers and regulators are stepping up their oversight.