

Citrix Systems Inc. has issued a threat advisory over a distributed denial-of-service attack that’s actively targeting Citrix Application Delivery Controllers.
The campaign involves overwhelming the Citrix ADB Datagram Transport Layer Security network throughput to cause outbound bandwidth exhaustion that can result in potential outages. The effect of the attack is said to be more prominent on connections with limited bandwidth.
The exact number of users affected was not disclosed in the Wednesday advisory. Citrix said only that the scope of the attack at this time is limited to a small number of customers around the world and that there are Citrix vulnerabilities associated with the event. ZDNet reported today that the attacks have mostly included online gaming services such as Steam and Xbox, with the attacks first detected last week.
A DDoS attack is a malicious attempt to disrupt traffic on a machine or network by flooding it with internet traffic. As Cloudflare notes, it’s like an unexpected traffic jam clogging up a highway, preventing traffic from arriving at its destination.
The intent here isn’t to steal data, although occasionally a DDoS could be hiding another form of attack, but to cause either pain for the company targeted or its users. What the intent of these new attacks are is not known, but targeting a game streaming service just before Christmas could indicate a motive: Attackers in the past have targeted game services, most famously Xbox Live and the PlayStation Network, in December 2014. In many of these attacks, the motive was simply trolling and young hackers showing that they could.
Users of Citrix ADC products are being advised to monitor outbound traffic volume for any significant anomaly or spikes. The company added that it is currently “working on a feature enhancement in DTLS to eliminate the susceptibility to this attack” that should be available from Jan. 12.
In the meantime, customers who are impacted by the DDoS attack can disable DTLS temporarily to stop an attack and eliminate the susceptibility to the attack. Citrix does warn, however, that disabling the DTLS protocol may lead to limited performance degradation to real-time applications using DTLS.
Support our open free content by sharing and engaging with our content and community.
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.