The 2017 attack the largest to have ever hit the health service - - PowerPoint PPT Presentation

▶

Mar 12, 2023 151 likes •892 views

The 2017 attack the largest to have ever hit the health service hit computers at hospitals and GP surgeries across 48 NHS trusts. At least 6,900 NHS appointments were cancelled, and up to 19,000 affected in total, after staff were

SLIDE 1

SLIDE 2

SLIDE 3

SLIDE 4

SLIDE 5

SLIDE 6

SLIDE 7

SLIDE 8

SLIDE 9

The 2017 attack – the largest to have ever hit the health service – hit computers at hospitals and GP surgeries across 48 NHS trusts. At least 6,900 NHS appointments were cancelled, and up to 19,000 affected in total, after staff were forced to resort to using pen and paper when they were locked out of computerised systems.

SLIDE 10

SLIDE 11

SLIDE 12

SLIDE 13

That's partly because there are so many easy targets. More than 36,000 healthcare-related devices in the US alone are easily discoverable on Shodan, a sort of search engine for connected devices, according to a recent Trend Micro survey. Unlike desktop computers and servers that run anti- virus software and other "endpoint" security checks, the diversity of IoT devices and initial lack of concern about their role in network security often makes them trivial to compromise.

SLIDE 14

SLIDE 15

SLIDE 16

SLIDE 17

SLIDE 18

SLIDE 19

SLIDE 20

SLIDE 21

SLIDE 22

SLIDE 23

SLIDE 24

SLIDE 25

SLIDE 26

SLIDE 27

SLIDE 28

SLIDE 29

Healthcare Database (48,000 Patients) from Farmington,

Missouri, United States

It was retrieved from a Microsoft Access database within

their internal network using readily available plaintext usernames and passwords. I have had access to his system since early 2016.

Database (210,000 Patients) from Central/Midwest United

States

This product is a very large database in plaintext from a

healthcare organization in the Central/Midwest United

States. It was retrieved from a severely misconfigured

network using readily available plaintext usernames and passwords.healthcare hack

Database (210,000 Patients) from Central/Midwest United

States

This product is a very large database in plaintext from a

healthcare organization in the Central/Midwest United

States. It was retrieved from a severely misconfigured

network using readily available plaintext usernames and passwords.

Healthcare Database (397,000 Patients) from Atlanta,

Georgia, United States

This product is a very large database in plaintext from a

healthcare organization in the state of Georgia. It was retrieved from an accessible internal network using readily available plaintext usernames and passwords.

SLIDE 30

SLIDE 31

SLIDE 32

Are You Ready to Hack A Company?

SLIDE 33

First Question: Where do we start?

SLIDE 34

Found a webmail server!!

SLIDE 35

OK, so we found a webmail server…what now?

SLIDE 36

SLIDE 37

What do we do with this?

SLIDE 38

SLIDE 39

SLIDE 40

Now we are basically done!

+ =

SLIDE 41

SLIDE 42

SLIDE 43

SLIDE 44

BUT IT GETS WORSE!!

SLIDE 45

SLIDE 46

SLIDE 47

SLIDE 48

SLIDE 49

SLIDE 50

What About Tracking Down Employees?

SLIDE 51

SLIDE 52

Or Targeting Folks in the Nearby Coffee Shop?

SLIDE 53

SLIDE 54

SLIDE 55

SLIDE 56

SLIDE 57

SLIDE 58

SLIDE 59

SLIDE 60

SLIDE 61

SLIDE 62

SLIDE 63

SLIDE 64

SLIDE 65

SLIDE 66

SLIDE 67

#6: Have a plan and test it.

SLIDE 68

#7: Know who you are going to call.

SLIDE 69

#8: Recognize the overlap of physical and digital security.

SLIDE 70

#9: Train Your Employees

SLIDE 71

#10: Do not be embarrassed!

SLIDE 72

WE ARE NOT SECURING A NETWORK, WE ARE SECURING LIVES!

ELECTRONIC HEALTH / MEDICAL RECORDS EMBEDDED HEALTH TECHNOLOGY MEDICAL DEVICES PERSONAL INFORMATION AUTOMATED DRUG TREATMENTS CORPORATE NETWORKS

SLIDE 73

@ d a r k c y b e d c y b e r @ V i n c e C r i s l e r v i n c e @ d a r k c u b e d . c