Stan Black: Citrix Launches Forensic Investigation Into Internal Network Breach

Stan Black: Citrix Launches Forensic Investigation Into Internal Network Breach - top government contractors - best government contracting event

Stan Black, chief security and information officer at Citrix, has said the company was informed by the FBI on Wednesday that international cyber hackers may have accessed and downloaded documents through a tactic that uses weak passwords called password spraying.

Black wrote in a blog post published Friday that Citrix has launched a forensic investigation, sought the help of a cybersecurity firm and initiated actions to protect its internal network in response to the incident.

“The specific documents that may have been accessed, however, are currently unknown,“ Black noted.

“At this time, there is no indication that the security of any Citrix product or service was compromised.“

NBC News reported Saturday that a group of Iranian-backed threat actors called Iridium was behind the breach, stealing over six terabytes of data using compromised employee accounts.

Cyber firm Resecurity told the publication the company initially detected in December the cyber attack, which was followed by another one on Monday.

Charles Yoo, president of Resecurity, said Iridium was also linked to other breaches targeting government agencies and oil and gas firms.

You may also be interested in...


Air Force Taps CloudBees to Support Software Development, Implementation Efforts

CloudBees will help the goverment with its adoption of DevSecOps capabilities as part of the U.S. Air Force's Small Business Innovative Research Phase 1 contract award. Michael Wright, director of public sector at CloudBees, said the company's Software Delivery Automation offering is designed to provide the Air Force, Department of Defense and other agencies with assistance in developing and implementing secure software.


CAE-Pinnacle JV to Update Army Watercraft Training Systems

A joint venture between CAE USA and Pinaccle Solutions has received a delivery order to update a suite of systems used to train U.S. Army personnel in watercraft operations. Xebec Government Services will refresh expeditionary fast transport, vessel defense and full mission bridge simulator configurations in the service branch's Maritime Integrated Training System, CAE said Tuesday.


Perspecta to Help Marine Corps Further Build Cyber Capability

Perspecta has secured a two-year, $17.9 million task order from the Naval Information Warfare Center Pacific to develop, test, integrate and maintain software for Marine Corps Forces Cyberspace Command. The company said Wednesday the cyber tool development award is meant to help MARFORCYBER augment the command's operational performance in cyberspace.