Real World Security in a Clinical Healthcare Environment: Hacking a Hospital

Presented at BSidesLV 2019, Aug. 7, 2019, 2 p.m. (55 minutes)

Ransomware attacks and confidentiality breaches tend to make the news as it relates to healthcare security challenges. But what about attacks directly on a patient?

During this session, we'll look at some of the common security issues pervasive throughout the Internet of Things, and tie them directly to real-world attack scenarios using connected medical devices. We'll discuss the anatomy and risks of an attack against a patient in a hospital, review common mechanisms and tools used for these attacks, and identify effective solutions to evaluate and better understand the inherent risks of the connected healthcare ecosystem.

Presenters:

• Paul Dant
  My interest in security began in 1987, fueled by the need to protect my lame video games from pirates. Ever since, I've been interested in the security of systems, and information in general, as it pertains to people using systems. To that end, I've hacked unlikely things like tent-pole film sets, nuclear energy facilities, banks, and hospitals.

Similar Presentations:

• Black Hat USA 2020 Virtual / Healthscare – An Insider's Biopsy of Healthcare Application Security
• May Contain Hackers (MCH2022) / “You give me fever, fever all through the night": Hack attacks against wireless medical devices and the virtual patient
• BSidesDC 2016 / Attacking Patient Health: The Anatomy of Hospital Exploitation