Investigative report
medjack.4: medical Device Hijacking Report
Over the last six months, the team at TrapX Labs conducted the world’s first counter-intelligence cyber-deception operation by creating a fake hospital network and disseminating VPN credentials for it in the Darknet.
Healthcare networks remain under continuous attack. MEDJACK.4 documents the growing escalation of attacks on healthcare providers to target and exploit medical devices and an increase in sophistication in the techniques used by the attackers.
Ori Bach
Vice President Products & Marketing, TrapX Security
Are cyber attackers hiding inside your medical devices?
TrapX Labs research identified a broad wave of cyber attacks targeting hospital medical devices. This is a direct threat to hospital operations and the security of patient data.
As part of counter intelligence efforts at TrapX Labs, the team created an entire network for a fictitious healthcare institution including a public website that gave attackers the feeling that they were dealing with a real healthcare organisation.
They then exchanged the VPN credentials of this network in the Darknet market. This “fake” hospital served as the ultimate deception to lure, engage and study cyber attackers. As a result, the team at TrapX Labs was able to fully document the attackers’ behaviour.
This investigative report covers the following:
- How the MEDJACK attack works so effectively
- Why medical devices are the most significant points of vulnerability in healthcare enterprise - yet the least protected
- Why medical devices are also the most difficult area to remediate when compromised
- Best practices to reduce the risk associated with hijacking of medical devices.
Get your copy of the report!
Complete the form and receive a copy of the report to learn how you can reduce your organisation’s risk of medical device hijacking.
Read our privacy policy for details on use and storage of your personal data
