Desktop virtualisation leader Citrix has been hit by a distributed denial of service (DDoS) cyberattack, the company said. It said that it is investigating the impact the attack that may have on its application delivery controller (ADC) devices.
“Citrix is aware of a DDoS attack pattern impacting Citrix ADCs. As part of this attack, an attacker or bots can overwhelm the Citrix ADC DTLS (Datagram Transport Layer Security) network throughput, potentially leading to outbound bandwidth exhaustion,”
“Citrix is working on a feature enhancement in DTLS to eliminate the susceptibility to this attack. Citrix expects to have this enhancement available on the Citrix downloads page for all supported versions
It further said that the affected customers can disable DTLS temporarily to stop an attack and eliminate the susceptibility to the attack.
The effect of this attack appears to be more prominent on connections with limited bandwidth.
Citrox said that at this time, the scope of attack is limited to a small number of customers around the world. “There are no known Citrix vulnerabilities associated with this event. If the Citrix Security Response Team discovers that a product is vulnerable to DDoS attacks because of a defect in Citrix software, information about affected products will be published as a security bulletin,”.