Title: Hacking Medical Devices

Instructor: Jay Radcliffe & Fotios Chantzis

Abstract: In the world of connected devices some are more dangerous than others. Devices that connect our bodies to a network are especially intriguing. These devices are often fraught with vulnerabilities and security concerns. In this workshop participants will have an opportunity to learn about different medical devices and explore their attack surfaces. There will be a collection of connected medical devices on-premise that we will scan, take-apart, and explore. Some of the topics in the course will include: network scanning for medical devices, firmware analysis, vulnerability hunting, Wireless/RF analysis, and hardware analysis and assessment.


We will cover vulnerabilities on the insecure DICOM protocol. We are going to showcase how to leverage pynetdicom to write python scripts for attacking DICOM and exploit insecurely configured PACS servers leading to the extraction of sensitive PHI (Protected Health Information). DICOM, being a highly complex protocol, can also allow for other attack vectors such as embedding PE malware. Another aspect of the training will cover vulnerabilities found in IoT infrastructure with a focus on IP cameras and video management servers. These often run insecure protocols like zeroconf and have web portals that are easily authentication brute-forceable and poorly configured. We are specifically going to examine the WS-Discovery protocol which provides some interesting attack vectors by putting too much trust on the local network.

Hands-on exercises will be conducted by the students throughout the training for each section under the guidance of the instructors.

Level: Intermediate

Pre-Requisites: None

Required Materials: Laptop with Wired Ethernet connection (NOT Wireless)