the 2017 attack the largest to have ever hit the health
play

The 2017 attack the largest to have ever hit the health service - PowerPoint PPT Presentation

Mar 12, 2023 •151 likes •890 views

The 2017 attack the largest to have ever hit the health service hit computers at hospitals and GP surgeries across 48 NHS trusts. At least 6,900 NHS appointments were cancelled, and up to 19,000 affected in total, after staff were

  9. The 2017 attack – the largest to have ever hit the health service – hit computers at hospitals and GP surgeries across 48 NHS trusts. At least 6,900 NHS appointments were cancelled, and up to 19,000 affected in total, after staff were forced to resort to using pen and paper when they were locked out of computerised systems.

  13. That's partly because there are so many easy targets. More than 36,000 healthcare-related devices in the US alone are easily discoverable on Shodan, a sort of search engine for connected devices, according to a recent Trend Micro survey. Unlike desktop computers and servers that run anti- virus software and other "endpoint" security checks, the diversity of IoT devices and initial lack of concern about their role in network security often makes them trivial to compromise.

  29. • Healthcare Database (48,000 Patients) from Farmington, Missouri, United States It was retrieved from a Microsoft Access database within o their internal network using readily available plaintext usernames and passwords. I have had access to his system since early 2016. • Database (210,000 Patients) from Central/Midwest United States This product is a very large database in plaintext from a o healthcare organization in the Central/Midwest United States. It was retrieved from a severely misconfigured network using readily available plaintext usernames and passwords.healthcare hack • Database (210,000 Patients) from Central/Midwest United States This product is a very large database in plaintext from a o healthcare organization in the Central/Midwest United States. It was retrieved from a severely misconfigured network using readily available plaintext usernames and passwords. • Healthcare Database (397,000 Patients) from Atlanta, Georgia, United States This product is a very large database in plaintext from a o healthcare organization in the state of Georgia. It was retrieved from an accessible internal network using readily available plaintext usernames and passwords.

  32. Are You Ready to Hack A Company?

  33. First Question: Where do we start?

  34. Found a webmail server!!

  35. OK, so we found a webmail server…what now?

  37. What do we do with this ?

  40. Now we are basically done! + =

  44. BUT IT GETS WORSE!!

  50. What About Tracking Down Employees?

  52. Or Targeting Folks in the Nearby Coffee Shop?

  67. #6: Have a plan and test it.

  68. #7: Know who you are going to call.

  69. #8: Recognize the overlap of physical and digital security.

  70. #9: Train Your Employees

  71. #10: Do not be embarrassed!

  72. WE ARE NOT SECURING A NETWORK, WE ARE SECURING LIVES! MEDICAL DEVICES ELECTRONIC HEALTH / MEDICAL RECORDS PERSONAL INFORMATION EMBEDDED HEALTH TECHNOLOGY AUTOMATED DRUG CORPORATE TREATMENTS NETWORKS

  73. b e r e d c y c y b d a r k @ s l e r e C r i V i n c @ o m e d . c k c u b d a r c e @ v i n

Recommend

Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
Mid-sized ISP doing enterprise and personal Largest ISP

Mid-sized ISP doing enterprise and personal Largest ISP

Mid-sized ISP doing enterprise and personal Largest ISP in the geographic region Attacks started November 25 2012 Started at 1 attack a

850 views • 35 slides
Downwind Effects: Public Health Response & Recovery to the Nations Largest Gas Leak Los

Downwind Effects: Public Health Response & Recovery to the Nations Largest Gas Leak Los

Downwind Effects: Public Health Response & Recovery to the Nations Largest Gas Leak Los Angeles County Department of Public Health Angelo Bellomo Deputy Director for Health Protection Katie Butler, MPH Senior Staff Analyst December 7,

711 views • 46 slides
s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance

s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance

When Hardware Attacks s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance Remote key brute software protocol force relay attack side Fast Slow mitm channel Hardware attacks require:

688 views • 25 slides
Australian Rotary Health Australian Rotary Health. Who are we? The largest non-government

Australian Rotary Health Australian Rotary Health. Who are we? The largest non-government

Towards a happier, healthier Australia Australian Rotary Health Australian Rotary Health. Who are we? The largest non-government provider of Medical Research funds in Australia Australian Rotary Health. What do we do? Raise Funds to support

620 views • 29 slides
AFIIA 2017 Cyber Attack Demonstration Overview of Information Security Information Security

AFIIA 2017 Cyber Attack Demonstration Overview of Information Security Information Security

5/30/2017 Presentation Outline Cyber Security - Safeguarding your IT Environment Cyber Attack Demonstration Overview of Information Security Situational Analysis of Current Attacks Wednesday, May 17, 2017 @ AFIIA Conference, 2017

498 views • 5 slides
Second Quarter 2017 Earnings Teleconference August 8, 2017 One of North Americas largest

Second Quarter 2017 Earnings Teleconference August 8, 2017 One of North Americas largest

Second Quarter 2017 Earnings Teleconference August 8, 2017 One of North Americas largest electric utilities TSX: H Hydro One Limited 2Q17 Financial Summary Second Quarter Year to Date ($ millions) 2017 2016 % Change 2017 2016 %

256 views • 10 slides
A WHO Perspective What is the extent of the problem ? What can we do about it ? Dr Rudi

A WHO Perspective What is the extent of the problem ? What can we do about it ? Dr Rudi

Attacks on Health Care Workers A WHO Perspective What is the extent of the problem ? What can we do about it ? Dr Rudi Coninx Problem Hospitals, health care workers, patients are under attack Right to health care is under attack

456 views • 20 slides
ABOUT BETTING ON FOOTBALL 2017 Betting on Football (BOF 2017) is the largest sports betting

ABOUT BETTING ON FOOTBALL 2017 Betting on Football (BOF 2017) is the largest sports betting

ABOUT BETTING ON FOOTBALL 2017 Betting on Football (BOF 2017) is the largest sports betting industry event, held 3 - 4 May at Stamford Bridge . Around 800 delegates will experience world class hospitality, unlimited networking and business

655 views • 17 slides
Linking OAE and Blockwise Attack Models Fast Software Encryption 2017 Guillaume Endignoux 1 , 2 ,

Linking OAE and Blockwise Attack Models Fast Software Encryption 2017 Guillaume Endignoux 1 , 2 ,

Linking OAE and Blockwise Attack Models Fast Software Encryption 2017 Guillaume Endignoux 1 , 2 , Damian Vizr 1 1 EPFL, Switzerland 2 Kudelski Security Wednesday 8 th March, 2017 This work was partially supported by Microsoft Research. G.

1.02k views • 45 slides
CAN AUTHENTICATION AND ENCRYPTION February 2017 CAN PROVIDES MULTIPLE ATTACK VECTORS Record

CAN AUTHENTICATION AND ENCRYPTION February 2017 CAN PROVIDES MULTIPLE ATTACK VECTORS Record

Implementing scalable CAN Security with CANcrypt by Olaf Pfeiffer CAN AUTHENTICATION AND ENCRYPTION February 2017 CAN PROVIDES MULTIPLE ATTACK VECTORS Record and re-play messages Can trigger desired actions Re-engineering

320 views • 21 slides
ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on

ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on

ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on Deep Neural Networks Yandong Li* 1 Lijun Li* 1 Liqiang Wang 1 Tong Zhang 2 Boqing Gong 3 *Equal Contribution 1 University of Central Florida 2 Hong

440 views • 11 slides
1 Primary Reasoning: Aria Health systems is the largest healthcare provider within the Northeast

1 Primary Reasoning: Aria Health systems is the largest healthcare provider within the Northeast

Special thanks to Turner Project Manager, Patrick Kershner, for providing me the above renderings, as well as all of the necessary information within this presentation. 1 Primary Reasoning: Aria Health systems is the largest healthcare

574 views • 13 slides
Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know. Current biological diagnostics are very effective at identifying agents, but theyre slow. We already have an infrastruc- ture in place to

233 views • 8 slides
An easy attack on AEZ Xavier Bonnetain Patrick Derbez Sbastien Duval Jrmy Jean Gatan

An easy attack on AEZ Xavier Bonnetain Patrick Derbez Sbastien Duval Jrmy Jean Gatan

An easy attack on AEZ Xavier Bonnetain Patrick Derbez Sbastien Duval Jrmy Jean Gatan Leurent Brice Minaud Valentin Suder FSE 2017 Rump Session BRUTUS team An easy attack on AEZ FSE 2017 Rump Session 1 / 9 Cryptograpy for the

578 views • 21 slides
AMSGSS AMSGSS HEALTH AND DENTAL PLAN Presentation to AMS Council March 2017 SCD177-17 One of the

AMSGSS AMSGSS HEALTH AND DENTAL PLAN Presentation to AMS Council March 2017 SCD177-17 One of the

AMSGSS AMSGSS HEALTH AND DENTAL PLAN Presentation to AMS Council March 2017 SCD177-17 One of the Established by Over $7.8Million $7.8Million largest AMS referendum in in Health & in Health & Services 40521 40521 1999 (reconfirmed

176 views • 14 slides
ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack

ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack

ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack & GOT Overwrite Attack Dr. Si Chen (schen@wcupa.edu) Review Page 2 ret2libc Attack Page 3 libc C standard library Provides

662 views • 36 slides
How to Attack the IoT with Hardware Trojans Janet Lackey under CC license CROSSING Conference

How to Attack the IoT with Hardware Trojans Janet Lackey under CC license CROSSING Conference

16.05.2017 How to Attack the IoT with Hardware Trojans Janet Lackey under CC license CROSSING Conference Darmstadt, May 16, 2017 Christof Paar Ruhr Universitt Bochum Acknowledgement Georg Becker Pawel Swierczynski Marc Fyrbiak 1

593 views • 20 slides
First Quarter 2017 Earnings Teleconference May 4, 2017 One of North Americas largest electric

First Quarter 2017 Earnings Teleconference May 4, 2017 One of North Americas largest electric

First Quarter 2017 Earnings Teleconference May 4, 2017 One of North Americas largest electric utilities TSX: H Hydro One Limited First Quarter Financial Summary First Quarter Full Year ($ millions) 2017 2016 % Change 2016 2015 %

105 views • 7 slides
EVENT PRESENTATION September 6-7 2017 Join the largest international conference on the

EVENT PRESENTATION September 6-7 2017 Join the largest international conference on the

EVENT PRESENTATION September 6-7 2017 Join the largest international conference on the North American East Coast for visual effects and animation! What is effectsMTL17? The largest international conference for the VFX & Animation

335 views • 19 slides
The largest single barrier to Learning Health Systems Introduction What are we doing?

The largest single barrier to Learning Health Systems Introduction What are we doing?

The largest single barrier to Learning Health Systems Introduction What are we doing? Barriers to Learning Health Systems The Biggest Single Barrier to LHS Questions What are we doing? PamBayesian seeks to: Create intelligent

430 views • 8 slides
Why have this workshop? Nursing represents the largest sector of the health professions

Why have this workshop? Nursing represents the largest sector of the health professions

Why have this workshop? Nursing represents the largest sector of the health professions The pervasive reach of nursing care makes nurses an ideal audience for nutrition competency training which can ultimately improve patient care and

186 views • 7 slides
INVESTOR PRESENTATION SEPTEMBER 2017 DABUR OVERVIEW One of the oldest and largest FMCG Companies

INVESTOR PRESENTATION SEPTEMBER 2017 DABUR OVERVIEW One of the oldest and largest FMCG Companies

INVESTOR PRESENTATION SEPTEMBER 2017 DABUR OVERVIEW One of the oldest and largest FMCG Companies in the country Worlds largest in Ayurveda and natural healthcare Total reach of 6 mn outlets, one of the highest among FMCG companies

705 views • 33 slides
.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A Summary of a 3 weeks long experience 2016-03-07 Dec 2015 DDoS Attack on .TR 2 Before DDoS q Infrequent Small scale DoS and DDos Attacks Few

606 views • 14 slides

More recommend