Provider Solutions

Hospitals under attack

Hospitals have recently come under attack in the form of network compromise, data theft, and ransomware attacks. This is a trend that we expect to see increasing over the next 5 years. In black markets, medical records can fetch over ten times the price of financial records. Remediation costs of a breach, even in the months following the attack, can cripple a healthcare organization.

MedSec has brought the expertise of highly specialized vulnerability researchers with backgrounds in intelligence and government environments, to help medical device manufacturers address these security challenges. MedSec is now giving healthcare providers unique proprietary workarounds for healthcare-specific technology deployments that provide this necessary resilience to the healthcare ecosystem.

Vendor technology assessments

Healthcare provider systems are often proprietary, requiring unique industry-specific tools and skillsets to analyze and secure. We have leveraged our relationships to cover the core areas of the attack surface in which many healthcare organizations are targeted. These include:

  • Picture Archiving and Communication System (PACS) and associated equipment.
  • Medical-specific RF equipment and devices (often life-critical).
  • Other wired medical equipment.
  • Video communications and call contact centers.
  • Electronic Medical Records software (including inter-hospital proprietary solutions).
  • Physical security monitoring systems.

MedSec has developed multiple solutions that include internally developed patches, dynamic networking policy tools, strategies to contain compromised devices, and other innovations to work around innate medical device limitations. These measures are required to reach the threshold of deterrence for an attacker who has gained access to internal healthcare systems.

Penetration and data loss testing

Penetration testing will help identify, and remove, opportunity/attack vectors available to attackers who are targeting an organization. MedSec works with healthcare providers to address results via standard and custom penetration test fixes.

Once an environment is compromised, an attacker’s attention will often turn to sensitive data, with the following actions:

  • Reconnaissance and data identification.
  • Unauthorized access to critical and sensitive data.
  • Data exfiltration.

MedSec works with healthcare providers to reproduce these actions and limit exposure. MedSec's services, delivered in conjunction with penetration testing services or independently, can help healthcare providers lock down sensitive data environments and test the effectiveness of their protection capabilities such as data loss prevention systems.

Security maturity reviews

For institutions interested in greatly reducing and eliminating the likelihood of a breach, we offer a MedSec security maturity review.

This is a tailored healthcare-specific security review that follows the NIST Cyber Security Framework and BSIMM Methodologies.

The BSIMM covers 12 areas of practice around software security:

Governance Intelligence Secure Software Development Lifecycle Deployment
Strategy & Metrics Attack Models Architecture Analysis Penetration Testing
Compliance & Policy Security Features and Design Code Review Software Environment
Training Standards and Requirements Security Testing Configuration Management and Vulnerability Management

Security monitoring

MedSec has partnered with leading managed security and security monitoring technology solutions providers to offer 24/7 monitoring solutions, spanning:

  • User and device identity management.
  • Software and firmware integrity monitoring.
  • Intrusion detection and response.