Citrix—one of the world’s largest networking and remote access technology companies—announced malicious hackers inside its networks for five months between 2018 and 2019. This comes almost a year after the breach of its network was announced following an FBI alert.
According to coverage from Krebs on Security, “...in a letter sent to affected individuals dated Feb. 10, 2020, Citrix disclosed additional details about the incident. According to the letter, the attackers ‘had intermittent access’ to Citrix’s internal network between Oct. 13, 2018 and Mar. 8, 2019, and that there was no evidence that the cybercrooks still remain in the company’s systems.”
This comes on the heels of the company’s January release of patches for a known vulnerability more than one month after it was identified and approximately two weeks after hackers started using publicly released exploit code to breach-vulnerable customers of Citrix.
As mentioned in a January note, companies rely upon Citrix to secure their networks or, as the company says, “giving IT the peace of mind that critical systems will always be accessible and secure.”
A couple items to note:
Transparency matters. The Citrix breach became known because of an FBI alert, and it is staying in the news, in part, because of the company’s legal obligation across several U. S. states to notify customers if their financial data could have been compromised.
Security of the network and supply chain can’t be short-changed. A technology/security expert and beneficiary of digital transformation more broadly, Citrix exemplifies one of the inherent weaknesses in digital infrastructure. When Citrix suffers a breach, it risks exposing any of its thousands of customers in the process. Amid the continued focus on the business benefits of digital transformation, the ongoing Citrix story should serve as a cautionary tale for companies. Security should be as much a part of the business equation as cost savings and growth when deciding how best to harness the power of digital technology.