Attacking Your Own Network: A Lesson on Penetration Testing for Healthcare

February 27, 2018 John Nye

The healthcare industry has become a major target for attackers in recent years. It has become a veritable race between the attackers and the protectors. Who will find the vulnerabilities first?

Unfortunately, finding the vulnerabilities is only part of the goal, as those findings need to be remediated in order for them to be unavailable to attackers. But, remediation is a separate topic, maybe next year. Regardless, you can’t fix anything you don’t know is broken. Which is precisely why we should be attacking our own networks in order to protect them.

Why Should You Care?

While it makes no difference whether you are an information security professional or a medical professional who only uses necessary technology, it’s still important to understand what hacking is and how it affects you. We are all affected in some way by malicious hackers in our daily lives. In 2016 16 million patient records were reported stolen, the numbers for 2017 aren’t officially released yet, we all know last year was significantly worse. Understanding what we do and how your organization is being proactive to keep everyone safe will help us to start bringing these numbers down.

It’s also important to understand what hackers do so some of the mystery can be removed. Despite popular belief – and what you see on most television shows – hackers are not magicians in black hoodies and are not capable of superhuman feats. Whether their intention is good or ill, all hackers use the same software and techniques. So, let us look at some of the realistic capabilities of today’s attackers.

What is a Hacker & What’s a Penetration Test?

TechTarget has a great definition of a hacker: “A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.” There are certainly broader and conflicting definitions of what a hacker is but for our purposes, the above definition works perfectly. The ethical hacker that performs penetration tests is skilled in using specialized tools to probe networks and systems to assist them in identifying vulnerabilities.

A penetration test at its most basic is a vulnerability assessment of the security of a system or network. The most common pen testing assessment would begin with a simple network scan (a process by which a program is used to probe for specific signs of devices and gather data) to map the systems on the network, followed by an automated scan for known vulnerabilities on those systems. Then the hacker or penetration tester has their work cut out for them. They review all the results from the scans and identify some vulnerabilities that can give them unfettered access to the target network. Obviously, there is a lot more to this story, but I have to save some of it for HIMSS18. In the meantime, the hyperlinks above will let you dig a lot deeper.

It’s All Fair Game

If you don’t probe your own systems and sites, then there is no way to know all the issues that might lie dormant. Even the most secure applications, systems, and organizations in the world have insecure and unknown systems on their networks. With that said, it is easy to boggle the mind with what is lurking on the average enterprise’s network.

The healthcare industry is finding that technology is being forced upon them at a rate that is far outpacing their ability to keep track of, let alone secure, all of these devices. Regardless of your level of technical expertise, knowing is always helpful. The talk will go more into how a penetration test works with demonstrations and entertaining commentary for all.

See you in #Vegas for #HIMSS2018 and don’t hesitate to ask me questions or reach out to talk about security, penetration testing, and anything else in the cybersecurity arena. Just send an email to info@cynergistek.com if you would like to schedule a meeting with John (@EndisNye_com) and Chuck while at HIMSS.

 
 
Previous Article
Swinging the Cybersecurity Pendulum: Can New Strategies “Reverse the Curse?”
Swinging the Cybersecurity Pendulum: Can New Strategies “Reverse the Curse?”

Next Article
A ransomware post-mortem
A ransomware post-mortem