There have been a number of high-profile data breaches reported in recent weeks. Now Citrix has announced that its users have been impacted, after receiving multiple reports of GoToMyPC password reuse attacks. An investigation into the attacks revealed that the account compromises were not the result of a Citrix data breach, but that the attacks had been made possible by the poor security practices of some of its users.
Passwords Reset After Spate of GoToMyPC Password Reuse Attacks
After discovering the GoToMyPC password reuse attacks, Citrix performed a password reset on all users’ accounts to reduce the risk of account compromises. When users next log in to the remote desktop access service, they will be required to set up a new password before being allowed to access the service.
While Citrix has taken steps to protect its own users, simply changing passwords on GoToMyPC will not protect users who share passwords across multiple applications and web services. It is therefore important for users to log in to all online accounts that have the same password set and to create new, unique passwords for each.
Following the cyberattacks on LinkedIn, MySpace, and Tumblr, login credentials were openly sold on darknet marketplaces. Many individuals purchased the data and have been searching online platforms to find users that have accounts elsewhere. The same passwords are then tried to see if access can be gained.
Shortly after these data dumps, numerous Twitter accounts were hacked, including those belonging to a number of high-profile celebrities, for example Katy Perry, Mark Zuckerberg, Tenacious D, and Lana Del Rey. While the hacking of a Twitter account may only be an inconvenience for many victims, far more serious hacks have occurred.
TeamViewer remote desktop connection software was targeted by attackers who had obtained data from the LinkedIn breach. Users’ accounts were accessed and the software leveraged to obtain access to users’ PayPal accounts and bank accounts, primarily using passwords saved in browsers. The victims had their bank and PayPal accounts emptied. Some individuals also reported that TeamViewer had been used to install ransomware on their computers.
Since many individuals share passwords between personal accounts and business accounts, the latter may also be compromised, which can have very serious implications.
The Danger of Password Sharing
All organizations face a threat of cyberattacks and sooner or later it is likely that one of those attacks will be successful. If users’ login credentials are obtained, they can be used to access accounts on other web and software platforms.
The spate of recent attacks shows how dangerous it can be to use the same passwords for multiple accounts. While it is certainly convenient to use the same password on multiple platforms, users stand to have their entire online identity hijacked as a result of a single cyberattack on one company.
To limit the damage caused, it is essential to use a unique, complex password for each online account, never to recycle passwords, and to update passwords frequently. Sys admins should ensure that password policies are set that require complex passwords to be created. Password expiration policies should also be developed and implemented. Password managers can be used to help end users keep track of all of their passwords.