Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Hacking a Hospital for Fun and Profit

Hack In The Box Security Conference via YouTube

Overview

Explore a comprehensive security assessment of a hospital network in this eye-opening conference talk from HITB2018AMS. Follow two experienced security researchers as they map the entire hospital network, compare findings with IT staff knowledge, and conduct penetration tests on various medical devices and systems. Discover the shocking, funny, and terrifying vulnerabilities found in imaging systems, cardiac pacemakers, electromechanical technology, laboratory equipment, gas and drug delivery systems, surgical instruments, medical monitoring devices, doctor's applications, internal portals, databases, and more. Learn about potential attack surfaces, including open access points bridged to LAN, "hot" network jacks, and unhardened kiosks. Gain insights into security mechanisms, DICOM protocols, brain surgical navigation systems, portable CT scanners, programmable logic controllers, and ECG/EKG devices with default passwords. Understand the critical importance of cybersecurity in healthcare environments and the potential consequences of inadequate protection.

Syllabus

Intro
MY HOSPITAL
How to get in?
Potential attack surface - Open AP bridged to LAN
Potential attack surface - "Hot" network jacks bridged to LAN
Potential attack surface-unhardened kiosk connected to LAN
Security Mechanisms
We are in... What's next?
Digital Imaging and Communications (DICOM)
Brain surgical navigation system
Portable computed tomography (CT)
Programmable logic controllers (PLC's)
Electrocardiography (ECG/EKG) - default passwords
One month checkpoint, but what have we learn so far?

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Hacking a Hospital for Fun and Profit

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.