Secure your critical apps against potential state-sponsored cyberattacks 

April 20, 2022

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned organisations that their critical apps should be prepared against potential state-sponsored cyberattacks. “Every organisation – large and small – must be prepared to respond to disruptive cyber activity,” the agency said in a recent update. 

Apps have become a backbone for every organisation. They are used for much more than revenue generation and can be a crucial link between an organisation and its customers. But they can also provide an entry point for a cyberattack. Research has shown that these bad actors typically use known and zero-day vulnerabilities in internet-facing applications as entry points to gain access to an organisation’s digital infrastructure. That is why web app security is crucial to protecting the sensitive assets of the entire business! 

Nation-State Sponsored Cyberattack Model 

  • Pre-Exploit: State-sponsored threat actors infect vulnerable hosts with malware that enables them to build the botnet necessary for their malicious actions. 
  • Exploit: Orchestration of malicious intent. This might be via the creation of an availability risk for a business’s critical apps through a distributed denial-of-service (DDoS) attack or a more specific attack that exploits an application’s particular vulnerabilities. 
  • Post Exploit: Exfiltrate the PII/PHI-like information to their command-and-control center or destroy systems to make the data useless. 

Protecting Apps and How Citrix Can Help 

Customers should follow their national authorities’ recommendations and increase their vigilance. In addition, Citrix customers should consider the following solutions to improve the security of their applications from vulnerabilities.

Pre-Exploit 

  • Citrix’s bot management solution can help you to distinguish between the good bots, bad bots, and human clients in your traffic. Citrix machine learning techniques can also detect signs that your devices are being recruited as part of a botnet. 
  • Citrix Analytics for Security can help you enforce the principle of least privilege (PoLP) by continuously assessing privileged users’ access and activity.

Exploit 

  • Citrix Web App Firewall protects applications from attacks like cross-site scripting, SQL injections, session redirects, and browser-based malware that uses JavaScript and privileged access. 
  • Citrix DDoS mitigation service provides holistic DDoS protection against even the largest attacks. Available as an always-on or on-demand DDoS attack management service, it features one of the world’s largest dedicated scrubbing networks with 14 PoPs across the globe and 12 Tbps capacity that protects applications from large-scale volumetric DDoS attacks. 

Post Exploit 

  • Citrix Analytics for Security and Citrix App Delivery and Security solutions can help you to detect the early indications of resource exhaustion and/or data exfiltration attacks through purpose-built machine learning models. This can mitigate further compromise of your systems by bad actors as they try to carry out lateral spread within your environment. 

Learn More 

Contact us to learn more about how you can protect your organisation with Citrix’s bot management solution, Citrix Web App Firewall, and Citrix Analytics for Security. 
