ISACA Chapter Roundtable: Common Vulnerabilities Found in Medical Devices
November 17, 2022 @ 3:30 pm - 5:00 pm
Medical devices can provide life-saving and quality of life improvements for the patients who use them, but these devices frequently use embedded systems that are vulnerable in a number of ways. Bypassing and/or sniffing the physical and wireless interfaces, extraction and manipulation of firmware, and even data exfiltration can be performed with some surprisingly simple attacks. This discussion will cover how years of penetration testing has shown that these vulnerabilities are present industry-wide as well as some simple ways to mitigate the risks of attack. Following the presentation,the speakers will walk through some of the embedded testing techniques commonly used on real hardware to paint a picture of what common attack vectors look like.
Medical devices can provide life-saving and quality of life improvements for the patients who use them, but these devices frequently use embedded systems that are vulnerable in a number of ways. Bypassing and/or sniffing the physical and wireless interfaces, extraction and manipulation of firmware, and even data exfiltration can be performed with some surprisingly simple attacks. This discussion will cover how years of penetration testing has shown that these vulnerabilities are present industry-wide as well as some simple ways to mitigate the risks of attack. Following the presentation,the speakers will walk through some of the embedded testing techniques commonly used on real hardware to paint a picture of what common attack vectors look like.
Speakers:
Nathan Smith, Manager, Protiviti
Caleb Davis, Sr. Manager, Protiviti
Details
Organizer