UPDATED 19:44 EDT / DECEMBER 24 2020

Citrix warns of active DDoS attack targeting its Application Delivery Controllers

Citrix Systems Inc. has issued a threat advisory over a distributed denial-of-service attack that’s actively targeting Citrix Application Delivery Controllers.

The campaign involves overwhelming the Citrix ADC Datagram Transport Layer Security network throughput to cause outbound bandwidth exhaustion that can result in potential outages. The effect of the attack is said to be more prominent on connections with limited bandwidth.

The exact number of users affected was not disclosed in the Wednesday advisory. Citrix said only that the scope of the attack at this time is limited to a small number of customers around the world and that there are Citrix vulnerabilities associated with the event. ZDNet reported today that the attacks have mostly targeted online gaming services such as Steam and Xbox, with the attacks first detected last week.

A DDoS attack is a malicious attempt to disrupt traffic on a machine or network by flooding it with internet traffic. As Cloudflare notes, it’s like an unexpected traffic jam clogging up a highway, preventing traffic from arriving at its destination.

The intent here isn’t to steal data, although occasionally a DDoS could be hiding another form of attack, but to cause pain for either the company targeted or its users. The intent of these new attacks is not known, but targeting a game streaming service just before Christmas could indicate a motive: Attackers in the past have targeted game services, most famously Xbox Live and the PlayStation Network, in December 2014. In many of these attacks, the motive was simply trolling and young hackers showing that they could.

Users of Citrix ADC products are being advised to monitor outbound traffic volume for any significant anomaly or spikes. The company added that it is currently “working on a feature enhancement in DTLS to eliminate the susceptibility to this attack” that should be available from Jan. 12.

In the meantime, customers who are impacted by the DDoS attack can disable DTLS temporarily to stop an attack and eliminate the susceptibility to the attack. Citrix does warn, however, that disabling the DTLS protocol may lead to limited performance degradation to real-time applications using DTLS.
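The outbound-volume monitoring that Citrix advises can be approximated with a robust baseline check. The sketch below is an added example, not code from Citrix or from this article; the per-minute throughput figures are constructed, and the window, multiplier and noise floor are assumptions to tune per link.

```python
from collections import deque
from statistics import median

# Constructed sample: (minute, outbound Mbit/s, inbound Mbit/s) on an ADC uplink.
SAMPLES = [
    ("12:00", 41, 38), ("12:01", 44, 40), ("12:02", 39, 37), ("12:03", 43, 41),
    ("12:04", 40, 36), ("12:05", 45, 42), ("12:06", 42, 39), ("12:07", 44, 40),
    ("12:08", 46, 43), ("12:09", 310, 12), ("12:10", 420, 11), ("12:11", 395, 12),
    ("12:12", 43, 40), ("12:13", 41, 39),
]

def find_outbound_spikes(samples, window=8, k=6.0, floor=5.0):
    """Flag intervals whose outbound rate exceeds median + k * MAD of the
    last `window` normal intervals. `floor` (Mbit/s) keeps a very quiet
    baseline from producing a hair-trigger limit. All three are assumed values."""
    baseline = deque(maxlen=window)
    alerts = []
    for minute, out_mbps, in_mbps in samples:
        if len(baseline) == window:
            med = median(baseline)
            mad = median(abs(x - med) for x in baseline)
            limit = med + k * max(mad, floor)
            if out_mbps > limit:
                # Out/in ratio is context for the analyst: a flood that
                # exhausts outbound bandwidth shows far more egress than ingress.
                ratio = round(out_mbps / max(in_mbps, 1), 1)
                alerts.append((minute, out_mbps, round(limit, 1), ratio))
                continue  # keep attack traffic out of the baseline
        baseline.append(out_mbps)
    return alerts

if __name__ == "__main__":
    for minute, out_mbps, limit, ratio in find_outbound_spikes(SAMPLES):
        print(f"{minute} outbound {out_mbps} Mbit/s > limit {limit} (out/in {ratio}x)")
```

Skipping flagged intervals when updating the baseline matters during a sustained flood: otherwise the attack traffic raises the median and later intervals stop alerting.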
