SAN MATEO, CA--(Marketwired - Feb 9, 2017) - TrapX Security®, a global leader in advanced cybersecurity defense, today announced vice president of product strategy Anthony James will be speaking at RSA on the topic of vulnerabilities and attack strategies affecting today's global healthcare institutions.
What: James will detail how a medical device at a hospital headquarters with ten member hospitals was compromised because the device was using an older operating system. James will explain how deception technology was used to identify an X-ray image viewer that the attacker compromised and used as a command and control center, enabling it to move laterally through the hospital's network.
"The core payload exhibited new characteristics and increased sophistication we had not observed in previous medical-device hijack attacks," said James. "First, the attacker's tools had functionality for detecting virtual machines -- they would not run under a virtual machine or sandbox environment. Second, the attacker's tools utilized methods to prevent debugging, so the attack could not be easily analyzed."
The attacker polled and inspected medical devices on the network every few hours seeking critical healthcare data, but only injected medical devices with old operating systems.
Thursday, February 16, 2017
8:00 a.m. - 8:45 a.m. PT
Moscone South #308
747 Howard St, San Francisco, CA 94103
Background: Healthcare institutions are targeted by medical device hijacks on a regular basis. Examples of previous medical hijacks (Medjack) can be found in a report TrapX published in June, 2016. That report can be downloaded here: http://deceive.trapx.com/rs/929-JEW-675/images/AOA_Report_TrapX_MEDJACK.2.pdf. In a Medjack, attackers design specific malware tools with the goal of establishing a "back door" within a medical device. Once a connection has been made, the attacker's agenda is typically to steal hospital data, which is quickly sold on the dark web. In this particular attack, deception technology installed on the hospital's internal network used TrapX's emulated medical device to attract, trap and engage attacker software tools.
Why Medical Devices?
Attackers are drawn to medical devices because they are highly vulnerable. Many use legacy operating systems that are missing key security enhancements. What's more, there are no after-market security solutions; medical devices are closed systems and cannot be scanned easily. Because medical devices are expensive and have long lifecycles, it is difficult to throw them away and replace them. And medical devices must be serviced by the manufacturer; no one at a healthcare facility can remediate a cyber intrusion.
Interview Opportunities: There will be a media Q & A immediately following the discussion. Because space is limited, please RSVP to TrapX@10Fold.com to reserve a seat.
TrapX and TrapX Security is a trademark of TrapX Security, Inc.
Visit the TrapX Website: www.trapx.com
Watch a 60 Second Introduction to Deception Technology: https://youtu.be/d6lzgBZ4hWQ
Learn more about DeceptionGrid: http://trapx.com/products/deceptiongrid/
Visit the TrapX blog: http://www.trapx.com/blog/
Follow TrapX on Twitter: @trapxsecurity
Follow TrapX on LinkedIn: https://www.linkedin.com/company/trapx
Like TrapX on Facebook: https://www.facebook.com/pages/TrapX/258804147648401
About TrapX Security
TrapX Security is a leader in deception based cyber security defense. Our solutions rapidly detect, analyze, and defend against zero day and advanced attacks in real time. DeceptionGrid™ provides automated, highly accurate insight into malware and malicious activity unseen by other types of cyber defense. We create a proactive security posture, fundamentally changing the economics of cyber defense by shifting the cost to the attacker. The TrapX Security customer base includes Forbes Global 2000 commercial and government customers around the world in sectors that include defense, healthcare, finance, energy, consumer products, and other key industries. Learn more at www.trapx.com.