Our clients often push back on password policies. They worry that if we roll out a password policy, users will forget their passwords and find it inconvenient. We usually joke that it’s much more convenient to leave your car or house unlocked too, but probably not a good idea. Well, last Friday Citrix found out how embarrassing (and financially damaging to their stock) a weak password policy can be. You can read the full article below about their recent breach, but the important part to know is how the hackers got in:
“The FBI advised Citrix that the hackers likely used a tactic known as password spraying, where the threat actor tries a single commonly used password against many accounts. If unsuccessful, additional common passwords will be tried until the accounts are accessed.”
It seems so simple, but a password like “password” or “p@$$w0rd” could be what gives a hacker the keys to your kingdom. So what can you do?
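One thing you can do is watch your authentication logs for the pattern the FBI quote describes: a single source failing against many different accounts, only a try or two each, which is the opposite of a brute-force run against one account. The Python below is an added example, not part of the original article; the log format, the function names and the thresholds are assumptions, and the sample log lines are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample log (assumed format): "<ISO time> <source IP> <user> <FAIL|OK>"
SAMPLE_LOG = """\
2024-01-15T09:00:05 203.0.113.7 alice FAIL
2024-01-15T09:01:10 203.0.113.7 bob FAIL
2024-01-15T09:02:20 203.0.113.7 carol FAIL
2024-01-15T09:03:15 203.0.113.7 dave FAIL
2024-01-15T09:04:40 203.0.113.7 erin FAIL
2024-01-15T09:05:30 203.0.113.7 frank OK
2024-01-15T09:10:00 198.51.100.20 admin FAIL
2024-01-15T09:10:02 198.51.100.20 admin FAIL
2024-01-15T09:10:04 198.51.100.20 admin FAIL
2024-01-15T09:15:00 192.0.2.15 grace FAIL
2024-01-15T09:15:20 192.0.2.15 grace OK
"""

def parse(log):
    for line in log.strip().splitlines():
        ts, src, user, result = line.split()
        yield datetime.fromisoformat(ts), src, user, result

def find_sprays(log, window=timedelta(minutes=30), min_accounts=5, max_per_account=2):
    """Flag sources failing against many accounts, few tries each, within one window."""
    failures, successes = defaultdict(list), defaultdict(set)
    for ts, src, user, result in parse(log):
        if result == "FAIL":
            failures[src].append((ts, user))
        else:
            successes[src].add(user)
    flagged = {}
    for src, events in failures.items():
        events.sort()
        start, targeted = 0, set()
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward past stale failures
            tries = Counter(user for _, user in events[start:end + 1])
            if len(tries) >= min_accounts and max(tries.values()) <= max_per_account:
                targeted.update(tries)
        if targeted:
            # A successful login from a spraying source is a likely compromised account.
            flagged[src] = {"targeted": sorted(targeted), "logged_in": sorted(successes[src])}
    return flagged
```

On the sample data only 203.0.113.7 is flagged, and its successful login as frank is the account to lock and reset first; the repeated failures against admin and grace's mistyped password are not reported as spraying.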
For our clients, we regularly monitor the dark web for “known good” user accounts and passwords associated with their company. If we detect any, we immediately take action on those accounts to prevent a future breach. If you feel you may be at risk or have further questions about security-related issues like this, please don’t hesitate to call or email me directly.
Also note, it is not believed that the Citrix software itself was compromised. It appears the hackers only stole corporate documentation and did not go near the source code.