To me this whole report basically translates to "Someone did a nmap/nessus scan of some IPs and some people received phishing e-mails". And I really hope we won't ever have an actual real war over some Citrix admins not updating their internet facing systems and some employees clicking some spam e-mail...