About this book
Learn how to detect and prevent the hacking of medical equipment at hospitals and healthcare facilities. A cyber-physical attack on building equipment pales in comparison to the damage a determined hacker can do if he/she gains access to a medical-grade network as a medical-grade network controls the diagnostic, treatment, and life support equipment on which lives depend.
News reports inform us how hackers strike hospitals with ransomware that prevents staff from accessing patient records or scheduling appointments. Unfortunately, medical equipment also can be hacked and shut down remotely as a form of extortion. Criminal hackers will not ask for a $500 payment to unlock an MRI, PET or CT scan, or X-ray machine—they will ask for much more.Litigation is bound to follow and the resulting punitive awards will drive up hospital insurance costs and healthcare costs in general. This will undoubtedly result in increased regulations for hospitals and higher costs for compliance. Unless hospitals and other healthcare facilities take the steps necessary to secure their medical-grade networks, they will be targeted for cyber-physical attack, possibly with life-threatening consequences.
Cybersecurity for Hospitals and Healthcare Facilities is a wake-up call explaining what hackers can do, why hackers would target a hospital, the way hackers research a target, ways hackers can gain access to a medical-grade network (cyber-attack vectors), and ways hackers hope to monetize their cyber-attack. By understanding and detecting the threats, hospital administrators can take action now—before their hospital becomes the next victim. This book shows you how to:
- Determine how vulnerable hospital and healthcare building equipment is to cyber-physical attack.
- Identify possible ways hackers can hack hospital and healthcare facility equipment.
- Recognize the cyber-attack vectors—or paths by which a hacker or cracker can gain access to a computer, a medical-grade network server, or expensive medical equipment in order to deliver a payload or malicious outcome.
- Detect and prevent man-in-the-middle or denial-of-service cyber-attacks.
- Detect and prevent hacking of the hospital database and hospital web application.