PWN4Life - How Hackers Can Be The Heroes of Healthcare

Presented at ShellCon 2020 Virtual, Oct. 10, 2020, 11 a.m. (55 minutes)

Stuck in a bit of a career rut? Perhaps it's time for you to explore where bits and bytes meet flesh and blood- the fast paced and dynamic world of healthcare security. From insulin pumps to electronic medical records, from pacemakers to PACS systems, modern healthcare is dependent on the same connected technologies that permeate every other aspect of our lives- but the sector is drastically lacking the security talent enjoyed by other industries. The congressionally mandated HHS Healthcare Cybersecurity Task Force of 2017 estimated that most medical facilities across the country lack even a single full time security professional- that's a lot of patients who need protecting. Join quaddi and r3plicant, physicians by day, hackers by night, as they give you an overview of the operational needs of this space, describe the perspective needed to succeed in healthcare, explore the conundrum between best practices and standard practices and how that may lead to tension between clinicians, administrators, and security professionals, and how you can literally use your skills to save lives.

Presenters:

• Jeff Tully MD / r3plicant   as Jeff Tully
  Jeff Tully is an Anesthesiologist, Pediatrician and Security Researcher with an interest in understanding the ever-growing intersections between healthcare and technology. Prior to medical school he worked on hacking the genetic code of Salmonella bacteria to create anti-cancer tools, and throughout medical training has remained involved in the conversations and projects that will secure healthcare and protect patients as we face a new era of remote care, implantable medical devices and biohacking.
• Christian Dameff MD MS / quaddi   as Christian Dameff
  Christian Dameff is an Emergency Medicine Physician and Researcher. He is currently a Clinical Informatics Fellow at the University of California, San Diego. Dameff is also an ethical hacker and security researcher interested in the intersection of healthcare, patient safety and cybersecurity. He has previously spoken at RSAC, Black Hat, DEF CON, BSides Las Vegas and Derbycon, among other conferences, and is one of the Co-Founders of the CyberMed Summit, a novel medical device and infrastructure cybersecurity conference. Published cybersecurity topics include hacking 911 systems, HL7 messaging vulnerabilities and malware.

Links:

• https://2020.shellcon.io/talks/2020/pwn4life-how-hackers/

Similar Presentations:

• Black Hat USA 2020 Virtual / Healthscare – An Insider's Biopsy of Healthcare Application Security
• AppSec USA 2013 / Healthcare Security Forum
• DEF CON 22 (2014) / Just What The Doctor Ordered?