Welcome To The Route1 HUB On AGORACOM
Route1 is the trusted provider of security and identity management network solutions that are redefining today's digital landscape
Message: Route1 talks up MobiKEY in response to Citrix hack
Route1 talks up MobiKEY in response to Citrix hack
2019-03-11 12:31 ET - News Release
Mr. Tony Busseri reports
ROUTE1 RESPONDS TO REPORTED CITRIX HACK
Route1 Inc. has responded to Friday's report from multiple news agencies that enterprise server, application and desktop virtualization provider Citrix has suffered a hack that may have led to stolen sensitive information about its technology as well as the data of enterprises using its technology.
As reported in PC Magazine: "The FBI [Federal Bureau of Investigation] contacted Citrix about international cyber criminals breaking into the company's networks, Citrix revealed Friday. The feds told Citrix that the hackers likely broke in by successfully guessing the weak password to a company account using a tactic known as 'password spraying.'"
According to the U.S. Department of Homeland Security, in a traditional brute-force attack, a malicious actor attempts to gain unauthorized access to a single account by guessing the password. This can quickly result in a targeted account getting locked out, as commonly used account lockout policies allow three to five bad attempts during a set period of time. During a password spray, the malicious actor attempts a single password against many accounts before moving on to attempt a second password. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.
Password spray campaigns typically target single-sign-on (SSO) and cloud-based applications utilizing federated authentication protocols. An actor may target this specific protocol because federated authentication can help mask malicious traffic. Additionally, by targeting SSO applications, malicious actors hope to maximize access to intellectual property during a successful compromise.
In Friday's reported case, it is alleged that malicious actors used several compromised Citrix employee accounts to steal six, and possibly 10, terabytes of data.
Route1 maintains that password-based access to all systems and applications should be eliminated in favour of multifactor authentication. The risk is exacerbated when weak authentication is used in conjunction with SSO. Certificate-based authentication relying on public key infrastructure (PKI) is the preferred method of implementing authentication. Smart-card-based authentication offers the highest degree of protection, and the federal government should only rely on PIV- or CAC-authenticated access for employees and contractors. Of particular concern is remote access, where the attack surface is wide open.
Furthermore, Route1 maintains that allowing inbound communications to an enterprise network (via a VPN (virtual private network) or other remote access solution approaches) creates multiple risk vectors for the enterprise. If it is going to be considered at all, it requires careful selection of the technology to be deployed, as many remote access solution providers treat security implementation as an afterthought. Route1's MobiKEY technology is a remote access technology that does not weaken the network perimeter. No open inbound ports is just one example of how the MobiKEY technology differs from the competition.
Additionally, if an enterprise is using Citrix to virtualize its desktops and then extend remote access to the virtualized desktop, Route1's MobiKEY should be deployed. MobiKEY will enhance the security of an enterprise's network and data, as well as deliver a complete user experience for the mobile worker.
MobiKEY is currently trusted by the U.S. government and enterprise security teams to secure external access to Citrix VDI installations. MobiKEY is a proven solution to increase an enterprise's security posture. MobiKEY enhances a Citrix deployment for remote access as follows:
- Delivers simplified access to VDI resources for end-users, as the MobiKEY solution is completely portable;
- Provides access to VDI resources without the need for government- or enterprise-furnished equipment, delivering a rapid return on investment;
- For the U.S. government, provides integrated HSPD-12-compliant, PIV-based and CAC-based user authentication;
- No edge gateway, eliminating the risk of penetration attacks;
- Mitigates risk from remote end point malware;
- Designed to protect from data leakage;
- Seamlessly integrates with Citrix VDI (there are multiple deployment models available);
- Eliminates the need for a VPN to connect remote users (MobiKEY is the un-VPN);
- Minimal learning curve for end-users, compared with traditional Citrix VDI deployments, which will reduce help desk calls and deployment costs;
- Enhances the overall end-user experience.
Citrix is an American multinational software company that provides networking, software as a service, server, application and desktop virtualization, and cloud computing technologies.
About Route1 Inc.
Route1, operating under the trade name GroupMobile, is North America's most advanced provider of industrial-grade data intelligence, user authentication and ultrasecure mobile work force solutions. The company helps all manner of organizations, from government and military to private sector, to make intelligent use of devices and data for immediate process improvements while maintaining the highest level of cybersecurity.
© 2019 Canjex Publishing Ltd. All rights reserved.
Please login to post a reply