Those of you in tech have probably used or heard of Citrix. The company has been around for decades and sells a variety of products, including remote desktops and network security. It is ironic that they experienced a security breach across their internal corporate network: the breach began last October and was only discovered in March. A series of internal business documents were stolen as a result of this breach. Think about that for a moment: if a network security company can’t detect hackers living inside their network for months, how can mere mortals do it?
The company recently concluded its investigation and to its credit has been very transparent about its process. They hired FireEye to analyze its logs and have since updated their endpoint protection with its product. This post describes what Citrix is doing to tighten its security, and how it has put together a committee to help govern security going forward. That is great. The post concludes by saying, “we live in a dynamic threat environment that requires a culture of continuous improvement.” Very true.
But what I want to call your attention to is how this breach initially happened, and that is through an attack called password spraying. This is a very simple attack: you start with a list of login IDs and pair them with a series of common passwords until you find a pair that works. The link above has suggestions of how to use common tools to help determine your own exposure, and if you are new to this term you should spend some time learning more about it.
But even if you aren’t part of a corporate IT department, it is high time for you to change your own personal password policy. It is likely that you are using a common password somewhere across your many logins. This isn’t the first time I have made this recommendation. But if a IT vendor that sells security products can get attacked, it means that anyone is vulnerable. And if your password can be easily found (such as in Troy Hunt’s HIBP database), then you need to be concerned. And you need to start by using a password manager and change your passwords to something complex and unique enough. Now. Today.