Week One
Hello! Welcome to this week's Ryan Report. Today, I take a look at the patient monitoring system attack that was demonstrated during DEFCON 26.
This was my first DEFCON, and it did not disappoint. There was security talks, workshops and otherwise interesting stuff galore. As a healthcare cybersecurity professional, I was particularly interested in the BioHacking Village and the healthcare-focused presentations in other tracks.
Douglas McKee from McAfee and Shaun Nordeck, MD co-presented on this research that demonstrated just how easy it is for a skilled hacker to compromise the data flow and send false information to a central patient monitoring system. This exploit has not been observed in a real-world situation affecting patient care; however, it serves as a lesson to healthcare organizations and medical device manufacturers alike to take care and make an effort to secure patient-connected medical devices.
For me, the significant takeaway from McKee and Nordeck's research is the value in device authentication. Their exploit hinged on the inability of the central monitoring station to properly authenticate the devices it receives data from: it was far too easy to inject arbitrary data into the communication stream. Further, encryption of data in transit from the bedside monitor to the monitoring station greatly increases the difficulty in perpetrating this type of attack.
This was my first DEFCON, and it did not disappoint. There was security talks, workshops and otherwise interesting stuff galore. As a healthcare cybersecurity professional, I was particularly interested in the BioHacking Village and the healthcare-focused presentations in other tracks.
Douglas McKee from McAfee and Shaun Nordeck, MD co-presented on this research that demonstrated just how easy it is for a skilled hacker to compromise the data flow and send false information to a central patient monitoring system. This exploit has not been observed in a real-world situation affecting patient care; however, it serves as a lesson to healthcare organizations and medical device manufacturers alike to take care and make an effort to secure patient-connected medical devices.
For me, the significant takeaway from McKee and Nordeck's research is the value in device authentication. Their exploit hinged on the inability of the central monitoring station to properly authenticate the devices it receives data from: it was far too easy to inject arbitrary data into the communication stream. Further, encryption of data in transit from the bedside monitor to the monitoring station greatly increases the difficulty in perpetrating this type of attack.
Comments
Post a Comment