Med Team vs Red Team: Intro into Medical Device Hacking

Presented at DEF CON 32 (2024), Aug. 8, 2024, 9 a.m. (240 minutes).

Connected medical device and medical device security assessments utilize a varying and wide range of practices, from reverse engineering to hardware exploitation. If you have ever been curious about how to get started, this is the class for you. We will be covering how to get started in Adversarial Medical Device testing, tooling, tactics, exploits and certain bypasses to restrictions you may encounter during testing these devices. Use the tactics learned to exploit devices within the Device Lab!

Presenters:

• Alex Delifer
  Alex is medical device testing sledgehammer. He is a DevSecOps guru for a large medical device company and cut his teeth building, maintaining and hacking medical devices.
• Michael "v3ga" Aguilar - Principle Consultant at Secureworks Adversary Group
  Michael Aguilar (v3ga) is a Principle Consultant for Secureworks Adversary Group. He runs Adversary Simulation operations, Physical Security and Network/Web based assessments as well as Adversarial Medical Device Tests. When not doing computer things, he reads a lot and likes to run to de-stress. He is also an avid fan of playing guitar really fast and screaming at people.

Similar Presentations:

• ToorCon San Diego 19 (2017) / Open Up and Say 0×41414141: Attacking Medical Devices
• Black Hat Europe 2017 / Breaking Bad: Stealing Patient Data Through Medical Devices
• DerbyCon 8.0 Evolution (2018) / Abusing IoT Medical Devices For Your Precious Health Records