Category Archives: Citrix


Digital Vikings and the Internet of Ransomed Things

Category : Citrix

The saying “Prediction is very difficult, especially if it’s about the future” is an amusing Danish proverb. But predicting the future of the internet that uses sensitive and personal information as its fuel is less amusing. One dystopic prediction is an Internet of Ransomed Things full of hijacked smart devices. I previously wrote about how organizations are under siege by the explosion of ransomware. Ransomware has been retooled to not only attack individuals, but organizations and enterprises, as well. As we saw this year with WannaCry and NotPetya, both were designed to worm and spread throughout networks to encrypt and destroy data. I’m afraid that’s just the tip of the iceberg, unless we change the fundamental way we approach security.

Is it really that hard to predict the future? No, not if the past repeats itself. Edmund Burke stated that “those who don’t know history are doomed to repeat it.” Let’s look at history and predict Tomorrow’s Internet by looking at the parallels between the cyber world and the kinetic world. And there is a certain period in history that is repeating — The Viking Age.

The Viking Age

From the Ninth to the 12th century, Norsemen from Denmark, Sweden, and Norway went Viking — they left their homes to seek a fortune as pirates. Going on an expedition — “fara í Viking” was a way of life — every spring when the warming sun returned and melted away the snow, Vikings looted and pillaged their way around the European continent. Using their shallow-bottom longboats to move swiftly over rivers, tributaries, and open ocean, they excelled at exploring, raiding, trading, and settling in Europe and even North America. Cities in Ireland, Scotland, England, Wales, France, Iceland, Greenland, Vinland, Ukraine, Russia, and the Middle East — among others — have Viking heritage or were raided, sieged, and sacked.

Besides being pirates, mercenaries, and slavers — Vikings also employed the tactic of ransoming — demanding tribute from cities they sacked. The First Siege of Paris is a prime example. On March 29, 845, led by Ragnar Lodbrok, one hundred and twenty Viking ships carrying five thousand warriors occupied and plundered Paris. King Charles the Bald paid a ransom of seven thousand livres — the first of thirteen payments of Dane-geld to the Vikings by the Franks. The Vikings attacked Paris three more times in the 860s. In 864, fortifications and bridges were built to block the Vikings sailing up the Seine. While eventually reaching Paris, the siege was repulsed and scattered by the imperial army — the Vikings managed to only gain seven hundred livres for their effort. The appeasement of the Vikings served as inspiration for Rudyard Kipling’s poem Dane-Geld.

And that is called paying the Dane-geld;
But we’ve proved it again and again,
That if once you have paid him the Dane-geld
You never get rid of the Dane.

The digital Viking Age

Raids and sieges that took months and years of preparation are now executed in a matter of hours and days from virtual encampments within the safety of “bulletproof hosting providers” in countries where policies are lax, search warrants are not honored, or extradition agreements are not in place. Bulletproof providers, compromised IT servers, and more recently, cloud hosting providers house the command and control servers, exploit kits, data stashes, and dark net markets — the weapons and spoils of a cyber war. A war that is waged campaign by campaign, in large part by criminal organizations driven by financial gain. From their bases, digital Vikings build their siege engines and launch their attacks, which they adapt, as needed. For example, the plague of Pharma spam used the same botnets as ransomware is using today.

Ransomware is a weapon that has evolved over three decades, gaining more capabilities — it’s become easier to spread, better at encryption, and more creative at monetizing attacks. The dozens of variants use different encryption algorithms and exploits to deliver the payload. However, modern ransomware is mostly spread the same way — targeted or spam emails with malicious attachments or links to infected web sites.

It started off as Scareware — malware that threatened to contact the “Cyber Police” with the victim’s IP address, embarrassing browser history, or webcam photo unless payment was made. Others demanded purchase of fake antivirus software. This was followed by ransomware that locked PCs, encrypted the Master Boot Record, or specific file types. More recently “Ransomware as a Service” has lowered the bar — for a cut of the profits, the platform allows the buyer to customize the message, payload, and payment address. And as devices proliferate, the attack surface expands as well. Last year, white hat hackers made the first proof-of-concept for malware that locked a smart thermostat and demanded a ransom. Mobile ransomware is also seeing tremendous growth — mostly via fake mobile video apps that lock the device. Rooted and jailbroken devices are the most susceptible.

Ransoms aren’t limited to ransomware. A more traditional attack involves penetrating a victim’s network, capturing sensitive data, and holding it for ransom with threat of doxxing personal info or leaking intellectual property. These types of attacks usually forgo the middle man and demand direct payment. Ransoms also include distributed denial of service attacks — harnessing tens and hundreds of thousands of compromised Internet facing devices to overwhelm the target’s infrastructure — as we saw when the Mirai botnet attempted to take down the Internet. Another more recent method involves hijacking resources on an endpoint or network device for crypto mining — bitcoin, the preferred currency of ransomware and the dark web.

Bitcoin: The new Dane-geld

Alongside Ransomware as a Service, bitcoin has fueled ransomware’s explosive rise. As the equivalent of digital gold or as some call it the “Internet of Money,” it acts like an open but almost anonymous ledger for financial transactions. Bitcoin is the first peer-to-peer electronic cash system using the decentralized and distributed database known as a blockchain. There are traditional use cases that crypto currencies like bitcoin are disrupting — perfectly legitimate and legal such as retail, investing, banking, and remittances. But these are just scratching the surface of the blockchain. The potential lies with more digital applications. Consider:

  • Machine-to-machine payments — SaaS- and Cloud-based systems can leverage API to purchase additional resources as required
  • Payment system for IoT — Devices using sensors which, based on environmental conditions, will trigger a workflow
  • Micro-payments — to replace advertisements for Web browsing. A fee model where you pay by the word

The current reality is that bitcoin facilitates the vast majority of ransomware payments replacing MoneyPak and WebMoney. In fact, Citrix conducted a survey that found that organizations are stockpiling bitcoins in anticipation of attacks. Earlier this year, an alleged administrator for the Russian cryptocurrency exchange BTC-E was arrested on charges of money laundering $4 Billion. The exchange was fined $110 Million for facilitating transactions involving ransomware. Researchers also presented a report at Black Hat 2017 that 95% of the traced ransoms were cashed out via BTC-E.

But as notorious as Bitcoin has become, its power lies in the blockchain. Proponents say that blockchain can secure the internet by providing an immutable and decentralized platform for tracking assets and contracts. Can the blockchain be the future of the internet? Using blockchain, IBM is transforming inventory management. “Blockchain offers a shared ledger that is updated and validated in real time with each network participant. It enables equal visibility of activities and reveals where an asset is at any point in time, who owns it and what condition it’s in.” Another prime opportunity in the light of continuous breaches is Social Security Numbers. As stated in the article, “The issue we have today is that a Social Security number is kept as a secret to authenticate access and identity. We need to be moving away from that and add biometrics on top of that or the equivalent of a private wallet with blockchain.” Blockchain also has promise in healthcare and artificial intelligence. The Centers for Disease Control and Prevention (CDC) is investigating how they might use the blockchain to share medical data between organizations across the United States.

Defense and Fortifications

To Pay or not to Pay? It may actually be an easy decision — and the only viable option if caught unprepared. But paying the ransom incurs a cost; it rewards criminal activity and strengthens the incentive for such attacks throughout the industry. Additionally, as with WannaCry and NotPetya, there is no guarantee of recovery — “boneidleware” and “leakerware” are malware disguised as ransomware but designed to destroy or steal data with no recourse.

How should individuals and organizations fortify themselves to avoid becoming part of the “Internet of Ransomed Things?”

Just like in traditional warfare, cyber warfare requires preparations to reduce the attack surface, protect against vulnerabilities, and contain the blast radius. It requires a new security architecture built from the ground up to protect the apps and data being targeted. But, the most important and likely easiest defense against ransomware is to negate the ransom by having up-to-date (and tested) backups. Even as new and creative methods of ransoming, hijacking, and extorting are being devised, there are a few additional steps that will help:

In the end, we depend on an Internet that is connected via smart devices that are susceptible to being hijacked and our data ransomed. We must prepare and fortify ourselves against the “digital Vikings” so that paying the ransom is not our only option.


Author: Florin Lazurca


3 Challenges for delivering applications in the hybrid cloud


Hybrid cloud is increasingly becoming a new reality for many enterprise businesses. Here are 3 keys to successfully delivering your applications in a hybrid cloud environment.

The 6 Essential Requirements for Managing ADCs in Hybrid Cloud Environments


Cloud Workspace Services, Adoption Made Simple


The adoption of cloud services poses dilemmas for companies at every stage of their journey. At the outset, all-or-nothing solutions can force IT to commit prematurely to a single vendor, roadmap or timeframe. Whatever your cloud strategy or desired level of adoption, a few requirements are already clear:

  • the flexibility to adopt the cloud services you want, when you want;
  • the freedom to use any combination of on-premises and cloud resources from any vendor;
  • simple ways to activate, secure, manage and optimize diverse cloud services so that your entire cloud journey delivers the best results for your users and your business.


Driving Digital Transformation with a Secure Digital Workspace


As state and local government organizations consider how to improve services delivery, simplify processes and reduce administrative costs using digital technologies (such as cloud, Big Data, artificial intelligence and the Internet of Things), one major concern is security.

In fact, a survey by the Public Sector Media Group found that 50 percent of respondents were very concerned about security risks related to digital services, while another 33 percent reported being somewhat concerned.

This preoccupation with security is understandable, considering that:

  • Cyberthreats continue to escalate and evolve, as seen by the recent ransomware attacks on government entities such as the UK’s National Health Service.
  • Citizens’ personal data is a prime target for hackers.
  • Many digital technologies – especially cloud and mobile – move data beyond the protection and control of the traditional datacenter.

These trends are all part of the fast-changing cyberthreat landscape, where threat actors are taking advantage of people’s desire to be connected at all times and targeting the evolving enterprise network, which is expanding and becoming increasingly undefined and diffuse.

The Secure Digital Workspace

Digital literacy is increasing, as shown by these stats:

  • By 2020, half of the world’s population will be online (4.1 billion Internet users).
  • By 2025, Millennials are expected to comprise up to 75% of the workforce. These workers are considered digital natives — people who have been born and raised in the age of digital technologies.

Government agencies and programs are under increasing pressure to provide a fully digital workspace featuring a consumer-like computing experience, combined with greater freedom and autonomy. Industry analyst firm Gartner calls this strategy “digital dexterity.”

At the same time, governments face greater scrutiny from regulators, the media and the public about the strength and reliability of their security posture.

That is why it’s so important to provide a secure digital workspace.

This workspace model has three important attributes:

  1. Unified: provides a single pane of glass through which IT can configure, monitor and manage the organization’s entire technology infrastructure.
  2. Contextual: uses machine learning and AI to adapt to each worker’s patterns and exceptions, delivering a personalized experience that reflects the work situation (device, location and network connection).
  3. Secure: features a software-defined perimeter that grants safe access and full visibility across the network and user ecosystem.

Let’s discuss this new security perimeter in more detail.

The New Software-defined Perimeter

Today’s IT security perimeter must accommodate data and applications that are no longer confined to the government datacenter. Instead, they are being hosted in the cloud and delivered as a service over the network, or downloaded by employees in the field onto their smart devices.

This new workspace is giving rise to a new type of security perimeter – defined by software and continuously adapted through the use of powerful analytics.

Deploying an intelligent, software-defined perimeter means you can secure your organization’s infrastructure, empower citizens and employees, and give IT flexible control.

As described at our 2017 customer conference, Citrix Synergy, Citrix envisions a workspace with security measures based on user behavior (actions and profile) that is analyzed in real time. For example, our new cloud-first solution, Citrix Workspace, relies on a software-defined perimeter based on users and their identity, not just their location or device. This approach extends protection beyond datacenter tools to ensure enforcement for distributed control points, such as mobile devices.

The latest release of Citrix NetScaler, our industry-leading application delivery controller (ADC), is key to the software-defined perimeter. Following are the top enhancements to NetScaler version 12:

  • NetScaler Secure Web Gateway protects against malware
  • User behavior analytics identify insider threats
  • New and stronger ciphers for SSL security keep up with more-stringent compliance and security requirements.

These new features complement existing NetScaler security components, including the WebApp Firewall and NetScaler SD-WAN to secure data across the network and into the cloud.

Balancing Security and Access

Adopting digital technologies in government organizations requires a thoughtful strategy that balances data security with ease of access, and maintains control while optimizing user flexibility.

This is not easy, but Citrix solutions can help. Our virtualization technologies have been chosen by many government entities to deliver better security than traditional distributed computing by enabling apps and data to run in the datacenter instead of being exposed on the device. Our networking technologies reinforce this security posture by protecting against attacks.

Securing the Internet of Things

The explosion of new connected devices, each generating volumes of data that need to be stored, managed, analyzed and secured, requires a technology-agnostic approach to unifying security. All these devices present a wider and more diverse attack surface that is harder to monitor and protect. Software-defined perimeters featuring AI promise to play a major role in authenticating IoT devices, preventing malicious intrusions and making corrections to prevent a recurrence. For more insights, read “Evolving options for securing IoT in the enterprise.”

As digital transformation in government becomes more pervasive, new Citrix technologies offer access controls, real-time analytics and threat prevention tools that are perfectly matched to the way people work today. These solutions meet the demands of digital natives for intuitive, flexible technology tools that meet – and even anticipate – their needs. At the same time, they protect sensitive government data and critical infrastructure from current and evolving threats.

Tackling Today’s Security Threats

Government organizations are in the public spotlight regarding data security. Citizens want reassurance that their personal data is being protected. At the same time, they – and the employees who serve them – demand the freedom to use their preferred devices and connections to access government resources.

Resolving the dilemma of security vs. flexibility requires advanced technology, including machine learning, artificial intelligence and software-defined networking that adapt on the fly to different scenarios.  Adopting a secure digital workspace solution featuring these capabilities can empower government agencies to strike an ideal balance between data protection and user productivity.


Author: David Smith


Download the Citrix Ransomware kit


Are you reducing your attack surface so ransomware attacks are minimized?  Can you quickly recover without paying a ransom?  Yes you can.  Learn how.

With this kit you will learn how to:

  • Publish virtualized, sandboxed and hardened browsers and email clients
  • Utilize Hypervisor Introspection (HVI) to detect ransomware techniques
  • Protect mobile devices against attacks with containerization
  • Provide a secure and robust enterprise data sync and sharing service



Winning the Business Relay Race with ShareFile Secure Document Workflows


As I mentioned in my last few blog posts (links below), watching my kids in elite level sports for many years, I’ve seen what a competitive edge delivers. In track, relay runners must pass a baton between each leg of the run. A missed baton pass or an early/late pass can disqualify the entire team. It’s no different for today’s IT decision makers — they must also deliver finely-tuned collaboration tools to optimize effective team communication both internally and externally. In the third post of the series, the focus is on how Citrix ShareFile delivers advanced, secure document workflows with built-in feedback, approval, and collaboration features to deliver that extra edge to internal productivity.

Passing the baton is one of the most challenging components for a relay in track. It requires fine-tuned collaboration, because a dropped baton or a delay in the pass means instant disqualification for the team. Like a well-oiled relay team, ShareFile provides a seamless pass when working with secure document workflows with built-in feedback, approval, and collaboration features.

ShareFile supports advanced, secure document workflows with built-in feedback, approval, and collaboration features

Exchanging files is at the core of how things are done in most organizations today. Sending documents internally and externally for approvals and signatures are common when managing contracts, onboarding employees, approving work orders, doing performance reviews, and many other typical business tasks.

Citrix ShareFile is evolving from a basic sync and share tool to a platform that supports all document-centric tasks and workflows required by the modern enterprise. ShareFile’s simple, secure, and seamless workflows enable anytime, anywhere, and any-device access while meeting the organization’s requirements for security, manageability, and compliance. ShareFile provides real-time secure mobile access to critical business information, enabling instant collaboration and increased productivity across distributed teams. Collaboration is built around defined workspaces to achieve specific tasks and objectives. A single solution supports business requirements for secure file sharing, document collaboration, and activity workflows.

Improve Efficiency with Mobile Forms and Workflows

ShareFile delivers three critical workflows to meet the dynamic needs of today’s mobile workforce:

  1. Feedback & Approval Document Workflows
  2. Custom Workflows
  3. Advanced Custom Workflows


Today’s increasingly dynamic, distributed, and digitized mobile workforce demands instant access to the critical business information they need to do their jobs effectively and add value. The ability to securely exchange insights and collaborate on work documents is an essential component of productivity. Content collaboration and file sharing are at the core of hundreds of organizational workflows responsible for coordinating the people, processes, and technologies that drive daily business operations, including project plans, work orders, status reports, contract management, invoice processing, employee onboarding, and performance reviews.



Author: Jane Foreman


Moving to the Cloud? Rethink your Security Efficacy


How do you protect your hybrid cloud deployments against cybersecurity attacks?

Cybersecurity is all about managing and reducing your business risks. Increasing your application and network security efficacy mitigates these business risks. In the new world of hybrid cloud and SaaS apps, the security perimeter no longer exists.

Watch this webinar and learn:

  • Strategies to increase your security efficacy
  • If you are adopting hybrid cloud, how do you maintain your security efficacy?
  • How do you get started today?



The Unified Endpoint Gold Standard, Citrix Receiver, XenApp and XenDesktop


With all the buzz about unified endpoints, you can be forgiven for thinking that it’s a new concept for simplifying mobility management and protecting sensitive data in a BYO world. But is it really new?

If you really think about it, the core concept behind unified endpoint management and delivery is to simplify app and desktop management and make sure sensitive information remains protected, even while people use any device, anywhere to do their work.

At Citrix, we refer to that value proposition as the secure delivery of apps and data, and we not only invented that market, we continue to introduce new innovations through our XenApp and XenDesktop family of products and services. And we support every device with Citrix Receiver, which has become the gold standard for secure unified endpoint delivery. Name an operating system or device platform, and you’ll find a Citrix Receiver that supports it. Just as important, Citrix delivers a seamless, high-performance virtual app and desktop experience, because the Citrix HDX protocol, which continues to evolve, is the most efficient in the industry, and it’s supported on all devices.

For years, our technology partners have depended on Citrix to make sure their new product offerings seamlessly integrate with Citrix Receiver as soon as they are available. For nearly ten years, Citrix Receiver has supported new devices on day one, from iPads to Chromebooks to the latest devices from Samsung.

Earlier today, Samsung announced the new Samsung Note 8 phone that will provide users a powerful full virtual desktop experience when combined with Citrix Receiver and the Samsung DeX Station – extending full desktop capability to the latest Samsung smartphone. Citrix customers continue to show high interest in testing and deploying new enterprise virtualization use cases with the Samsung DeX while independent reviewers have tested XenApp, XenDesktop and Citrix Receiver with the Samsung Galaxy S8 and the DeX Station to run specialized business applications, with impressive results.

And while partners count on Citrix Receiver to provide Day 1 support for their new devices and platforms, our value comes from the way our customers use it to protect their data, increase productivity, and to even provide better patient care. Chromebooks have been deployed at hundreds of customers across almost every vertical market, including health care. Chapter Health Systems deployed Chromebook cloud end points with XenApp and Citrix Receiver to help health care professionals focus on seamless, secure and quality patient care.

And Citrix Receiver for Chrome continues to get better with new quarterly releases, continually bringing more features and capabilities to customers. We long ago passed the double-digit mark for new releases of Receiver for Chrome updates since 2011 – in case anyone is counting. And we also make it easy for Google customers to accelerate their cloud transformation, and easily access their data with our expanded partnership and integration between ShareFile and G-Suite.

Citrix unified endpoint value extends far beyond our ability to work with any single device. Our customers love the Citrix commitment to support any device on any cloud with any hypervisor on a wide range of IT infrastructures.

While we’ve come a long way, you can depend on Citrix to make sure XenApp, XenDesktop and Citrix Receiver continue to be the gold standard for unified endpoint delivery. Count on Citrix to securely deliver any app to any device, and to provide the best experience, period.


Three Things about Networks That Every CIO Should Have on their Agenda


We are headed for a future in which everything will be connected to the cloud – not just traditional servers and clients, but any kind of industrial plant, building, vehicle, machinery, and device. Global always-on networking will fundamentally transform all industries. To keep up with the upcoming changes and market requirements there are three topics every CIO, Head of IT, or Network Manager should have on their agenda:

  1. The network is the future business platform. Within the next five to ten years, business will be transformed by digital technology, on a much larger scale than seemingly possible at first glance. Everything will be part of a globally-interconnected IT infrastructure, the Internet of Things (IoT). The IoT provides a flood of sensory data to big data analytics and allows for real-time (or near real-time) interactivity. Whatever industry, the IT network will become the foundation of every business. For example, car manufacturers are preparing for a future when cars are not simply hardware that takes us from A to B, but interconnected software platforms that provide an individualized user experience to drivers. Forklift manufacturers will provide forklifts as a service with cloud-based management and fault monitoring. The list goes on and on.
  2. The network is software-defined. It is a natural mistake to think of the global networking infrastructure as just a gigantic accumulation of hardware: copper wires, fiber cables, switches, and routers. But this hardware is increasingly becoming software-defined. Software-defined networking means that data paths are no longer pre-defined connections; instead, software dynamically determines these data paths, making the network more agile. For example, branch offices used to be connected to headquarters via leased lines, complemented by some narrowband method of emergency failover. In contrast, the modern branch office communicates via multiple IP connections. A device at the branch office site uses software algorithms to decide which connection(s) to use. This way, data paths can be diversified based on economic parameters or technical necessities, such as balancing traffic loads between multiple lines. This makes the network much more powerful and cost-efficient. Ideally the network is part of a trusted security architecture enabling user-centric policies to intelligently control and secure the different types of apps, the devices and the end-to-end networks framework.
  3. Network performance does not equal business performance. With all this talk about the importance of the network and new ways to improve its performance, it seems logical to assume: the faster my network, the more efficient my business processes. Unfortunately, this is not quite right. The network is simply the vehicle for data transportation between applications. It is the applications that contain the business workflows, and sometimes whole business processes. Therefore, it is critical for a successful digital transformation to have full control of how applications are delivered. For this purpose, modern enterprises deploy so-called ‘application delivery controllers’. These allow granular management of application availability and behavior as well as application security and secure digital perimeter security policy enforcement.

Data is the new currency, making the unhindered flow of data an essential prerequisite in the modern enterprise. In a time of ubiquitous cloud services, global interconnectivity due to the rise of the Internet of Things, and digital transformation rapidly progressing across all industries, network infrastructure provides the very foundation of today’s – and, what’s more, future – business operation. In this scenario, solid network connectivity is the bare necessity for business. Software-defined networking is needed to make this infrastructure agile enough to swiftly adapt to changing business needs. And ADCs help to bridge the gap between the network, security, and business applications. This way, intelligent networks provide the groundwork for a successful digital transformation.


Author: Sherif Seddik


Active Threat Analytics


You’ve implemented security technology to block the majority of threats in your environment, but your security team is still struggling with managing and acting on the sheer volume of security incidents. How do you make sure your team is able to detect and investigate threats with greater speed, accuracy and focus?

In this session, we’ll demonstrate how Cisco Active Threat Analytics, a 24-hour continuous-monitoring and advanced-analytics service, combines technology, industry-leading threat intelligence, analytics and expert investigators to help you manage, detect, and respond to advanced threats.

Friday, September 15, 2017
10:00 AM PT / 1:00 PM ET 
