Citrix has admitted being hit by a Distributed Denial of Service (DDoS) cyberattack and is investigating the impact the attack may have on its Application Delivery Controller (ADC) devices. Citrix ADC is the most comprehensive application delivery and load balancing solution for application security and holistic visibility.
In its update Citrix stated “Citrix is aware of a DDoS attack pattern impacting Citrix ADCs. As part of this attack, an attacker or bots can overwhelm the Citrix ADC DTLS (Datagram Transport Layer Security) network throughput, potentially leading to outbound bandwidth exhaustion,”
However, Citrix promised to release a fix in mid-January 2020. Citrix said “Citrix is working on a feature enhancement in DTLS to eliminate the susceptibility to this attack. Citrix expects to have this enhancement available on the Citrix downloads page for all supported versions on Jan 12, 2021,”
Customers who are impacted by this attack can disable DTLS temporarily to stop an attack and eliminate the susceptibility to the attack, it added. The effect of this attack appears to be more prominent on connections with limited bandwidth.
According to ZDNet, victims of these Citrix-based DDoS attacks have mostly included online gaming services, such as Steam and Xbox. The first of these attacks were detected and documented by German IT systems administrator Marco Hofmann.
Citrix said that at this time, the scope of attack is limited to a small number of customers around the world.
Citrix noted that “There are no known Citrix vulnerabilities associated with this event. If the Citrix Security Response Team discovers that a product is vulnerable to DDoS attacks because of a defect in Citrix software, information about affected products will be published as a security bulletin,”