AMSTERDAM - The Public Prosecution Service (OM) is likely not the only victim of the major security vulnerability in the widely used Citrix software. “Several critical organizations in the Netherlands have been successfully attacked,” the National Cyber Security Center (NCSC) of the Ministry of Justice and Security reported on Monday. 

According to the NCSC, this was a “sophisticated attack” in which the perpetrators exploited a previously undiscovered vulnerability, known as a zero-day. After being infected, the hackers “actively erased traces” to conceal their penetration into the affected organizations, the NCSC said. 

The NCSC also stated that it is uncertain which organizations the attackers penetrated and whether they are still active. Citrix has released updates to close the security vulnerability, but according to the government’s cybersecurity center, updating is “not sufficient to eliminate the risk of abuse.” 

In June, the NCSC warned of problems with Citrix’s NetScaler ADC and NetScaler Gateway services. Organizations use these services to enable remote work. Malicious actors were able to gain access to that system. One of the vulnerabilities “is being actively exploited,” according to the security advisory. 

The OM disconnected its systems from the internet in mid-July due to the hack, through which unauthorized individuals gained access to the OM’s systems. It is not yet clear what information they obtained. The OM has been reachable by email again since last week, but large files cannot yet be emailed.