Lozhkin presented a case study of a local hospital that he hacked.
I have no information on medical equipment; I dont know how it works, he said.
I started the research just to learn something.
When we develop technology in software systems, engineers forget about IT security.
Its a problem not just with medical equipment, but in a lot of areas of the industry.
The cornerstone of medical devices vulnerability@scotterven#TheSAS2016pic.twitter.com/4kBYPi5V34
Getting admin access to medical devices is easy.
What can happen to exposed medical devices?
you’ve got the option to say I just hacked [lousy] Wi-Fi, so what?
There was also access to a C Shell in the software.
Since management knew that Lozhkin was supposed to carry out a test, the records provided were dummy data.
However, the experiment put forward its point and showed hospital management that their online grid was miserably insecure.
source: www.techworm.net
