DRJ Fall 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 32, Issue 2

Full Contents Now Available!

Wednesday, 13 March 2019 15:15

Citrix Breach Underscores Password Perils

Attackers used a short list of passwords to knock on every digital door to find vulnerable systems in the vendor's network.

The recent cyberattack on enterprise technology provider Citrix Systems using a technique known as password spraying highlights a major problem that passwords pose for companies: Users who select weak passwords or reuse their login credentials on different sites expose their organizations to compromise.

On March 8, Citrix posted a statement confirming that the company's internal network had been breached by hackers who had used password spraying, successfully using a short list of passwords on a wide swath of systems to eventually find a digital key that worked. The company began investigating after being contacted by the FBI on March 6, confirming that the attackers appeared to have downloaded business documents. 

Password spraying and credential stuffing have become increasingly popular, so companies must focus more on defending against these types of attacks, according to Daniel Smith, head of threat research at Radware.

...

https://www.darkreading.com/application-security/citrix-breach-underscores-password-perils/d/d-id/1334139