Overview
Explore medical device security vulnerabilities and potential attack vectors in this 49-minute conference talk from BSides San Francisco 2015. Delve into the personal and professional impacts of security breaches, initial findings from Shodan searches, and healthcare organization discoveries. Learn about various potential attacks, including physical, phishing, and pivot methods. Examine the role of application security and technical properties in medical device vulnerabilities. Gain insights into problem awareness and current state assessments, concluding with recommendations for improving medical device security practices.
Syllabus
Intro
Personal Impact
Professional Impact
What We Are Doing
Shodan Search Initial Findings
Initial Healthcare Organization Discovery
Why Does This Matter?
Getting A Little Warmer!
Summary Of Devices Inside Organization
Potential Attacks - Physical
Potential Attacks - Phishing
Potential Attacks - Pivot
Is AppSec A Problem?
Technical Properties
Problem Awareness
Continue As-ls Summary of Current State
A Better Way