2 min Security

FBI: ‘Citrix Bleed caused data breach at Boeing’

FBI: ‘Citrix Bleed caused data breach at Boeing’

According to the U.S. intelligence agency FBI and security regulator CISA, the Citrix Bleed vulnerability is the cause of the recent data breach at aircraft manufacturer Boeing. Affiliates of the LockBit 3.0 ransomware gang are being held responsible.

A recent Joint Cybersecurity Advisory from the U.S. security agency FBI and cybersecurity regulator CISA reveals that the well-known Citrix Bleed vulnerability was responsible for the recent data breach at Boeing.

In this data breach, the ranssomware hackers captured more than 43 GB of sensitive data. The aircraft manufacturer has refused to pay for preventing or relaying the data.

Citrix Bleed vulnerability

Citrix Bleed has been a common problem for companies using Citrix NetScaler or Citrix NetScaler ADC since it was discovered in the month of October. The tech giant did release a patch for this, but it is not yet being installed by everyone revealed by surveys from various security experts.

Consequently, the vulnerability is now being actively abused by hackers to a large extent. This abuse often predates the final discovery.

LockBit 3.0 causes Boeing attack

The FBI and CISA identify the well-known ransomware gang LockBit 3.0 and its affiliates as the ultimate hackers behind the Boeing attack and likely more attacks that exploit the Citrix vulnerability.

Both organizations therefore urge companies to isolate the affected Citrix systems within their IT environments and update them with the fix released by the vendor for it.

Also read: Citrix Bleed vulnerability exploited before it was even discovered