More than seven hundred Dutch servers are vulnerable to hackers due to a vulnerability at the American software company Citrix, research by Bath packets. According to IT security expert Matthijs Koot, this includes servers from ministries, hospitals, mental healthcare institutions, a large bank and an airport.
Citrix provides software for companies, including ‘virtual desktops’ that can be used from the cloud or a network. The vulnerability in the Citrix network ensures that remote malicious parties are able to execute a code in the company’s system. The software company warns that this allows malicious parties to take over the systems.
Matthijs Koot, employed at Secura and a researcher at the University of Amsterdam, scanned the internet for Dutch servers with this vulnerability and concluded that this is a “very big problem with great urgency”. He found companies where it would have a major impact if the vulnerability were abused by a malicious person.
According to Koot, in some cases attackers can exploit the vulnerability to attack internal systems. Those who do not take measures can therefore run the risk of, for example, data leaks, hostage software and espionage.
Koot does not want to say which specific companies are affected, but talks about several ministries, hospitals, mental healthcare institutions, a large bank, a large insurer and an airport.
The servers are being actively attacked
The vulnerability in the Citrix system has been known since December 2019, but servers are currently being actively attacked, reports the Dutch Center for Cyber Security. That is because a so-called exploit was issued last weekend, programs with which the leak can be exploited. The NCSC gives the vulnerability the highest possible threat level: a 9.8 on a scale from 1 to 10, a spokesperson told NU.nl. It is not known whether companies have actually been hacked.
There is currently no update available to address the vulnerability. Companies can, however, take measures to limit the risks. The NCSC has approached all affected companies. The organization confirms that these are “vital organizations”, but does not want to confirm to NU.nl which specific companies are involved.
– .
