Segmented networks, containerization needed to stymie ransomware: Citrix

Ransomware is now a big business, with a security vendor estimating one attacker was able to collect US$121 million in ransomware payments during the first half of this year and net a profit of US$94 million. It can even be had as a ransomware-as-a-service offering.

But while many fall victim to so-called ‘spray and pray’ attacks, certain industries appear to be targeted. That’s the opinion of Kurt Roemer, chief security strategist at Citrix, who is in Winnipeg today to address a healthcare security workshop run by his company.

“We see that hospitals are specifically targeted because of the sensitivity of data,” he said in a phone interview.

An attacker may be after the medical information of a politician or celebrity patient, hoping to either sell the data or blackmail the individual, he said.

“One of the challenges is a lot of IT organizations in hospitals have set up their networks to be very flat,” he said. The advantage of such networks is they communicate very effectively. However, internal network security hasn’t until recently been strong enough.

That has to change not only because attackers are getting directly into the networks, but also because health practitioners are increasingly using mobile devices and working remotely, he said. So IT has to segment networks and critical applications so attackers can’t roam around networks.

And while security awareness training is important to encourage staff not to click on links or attachments, hospitals can go one step further and virtualize browsers for added protection.

The increase in ransomware also highlights the need for hospitals to have real-time data backup and recovery capability so even if an attack is successful a device can be rolled back and the ransom won’t have to be paid.

In addition, infosec pros have to keep personal health data off mobile devices that are not owned and managed by the institutions through technologies such as containerization, he said.

There have been headlines this year about large American hospitals stung by ransomware, but Canadian institutions have also been hit. In March the Ottawa Hospital said four computers were encrypted.

The reason why hospitals and health insurers are targets is clear: They are large repositories of data. According to Websense’s senior security product marketing manager, a health care record on the black market is 10 times more valuable than credit card information, which can be neutralized quickly by the card issuer by changing cards and/or issuing cards with encrypted chip-and-pin technology.

If a medical record is breached, agreed Roemer, “it’s game over – people know your entire medical history, they know information about you that you’d otherwise not have made public and there’s no way you can pull it back. So the sensitivity of data is many times higher in healthcare institutions. You need to balance that with the directive that patient care of the patient is number one, (so) sometimes security for very good reasons needs to take a back seat.”

Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]