Hacking Humans: Addressing Vulnerabilities in the Advancing Medical Device Landscape

Presented at DerbyCon 9.0 Finish Line (2019), Sept. 6, 2019, 3:30 p.m. (30 minutes).

The health care critical infrastructure sector comprises much of the potential attack surface of the national security landscape. Medical devices that enable connectivity incorporate software that is vulnerable to threats. These devices, which include pacemakers, infusion pumps, and MRI machines, were found to have vulnerabilities ranging from buffer overflow bugs to the presence of hard-coded credentials that lent to unauthorized access of information. A breach could compromise data confidentiality, integrity, and availability, as well as patient safety. This talk will explore some of the past and current vulnerabilities facing the medical device industry, and the steps that the FDA is taking to mitigate these risks.


Presenters:

  • Gabrielle Hempel
    Gabrielle is a graduate of the University of Cincinnati, where she studied Neuroscience and Psychology. She worked in regulatory pharmaceutical and medical device compliance, and led specialized committees targeting Phase I research and emergency research. She moved to IT consulting in 2018, and currently works as an Information Security Analyst with Accenture. She serves as a mentor for a student cohort of cybersecurity analysts, and volunteers with various community organizations that encourage youth and minorities to pursue careers in STEM and information security.

Links:

Similar Presentations: