The research results from our assessment of 12 healthcare facilities, 2 healthcare data facilities, 2 active medical devices from one manufacturer, and 2 web applications show that remote adversaries can easily deploy attacks that target and compromise patient health. We demonstrated that a variety of deadly remote attacks were possible within these facilities, of which four attack scenarios are presented in this report. To understand these ecosystems, a two-year study of critical elements within these facilities, as they relate to securing patient health, was performed from January 2014 through January 2016. Our goal was to create a blueprint, a step-by-step action plan, that all medical facilities can follow as the foundational element in reaching full security readiness. The research was driven by a hands-on analysis of various healthcare systems, applications, and budgets; interviews with hospital, data center, and medical device manufacturer employees; and industry knowledge sourced from thought leaders on our advisory board. The findings show an industry in turmoil: lack of executive support, insufficient talent, improper implementations of technology, outdated understanding of adversaries, lack of leadership, and a misguided reliance upon compliance. These findings illustrate our greatest fear: patient health remains extremely vulnerable. The output of the research is a modern patient-health-focused attack model and a blueprint that advocates a phased approach to security design and implementation for healthcare facilities, focused on the protection of patient health assets.
ISE security analysts considered the increasing prevalence of SSL inspection on corporate networks, threats to the certificate authority model that could allow SSL inspection to spread to other types of networks in the future, and how built-in browser key generation capabilities could be leveraged to achieve mutual authentication and greatly frustrate, if not prevent, mass-scale, automated SSL inspection.
ISE identified 21 financial, healthcare, insurance and utility account sites (70% of sites tested) that failed to forbid browsers from storing cached content on disk. As a result, unencrypted sensitive content is left behind on end users' machines after they visit these sites.
ISE researchers discovered critical security vulnerabilities in numerous small office/home office (SOHO) routers and wireless access points. These vulnerabilities allow a remote attacker to take full control of the router's configuration settings; some allow a local attacker to bypass authentication directly and take control. This control allows an attacker to intercept and modify network traffic as it enters and leaves the network.