Cybersecurity for Hospitals and Healthcare Facilities, 1st ed.
A Guide to Detection and Prevention

Learn how to detect and prevent the hacking of medical equipment at hospitals and healthcare facilities. A cyber-physical attack on building equipment pales in comparison to the damage a determined hacker can do if he/she gains access to a medical-grade network as a medical-grade network controls the diagnostic, treatment, and life support equipment on which lives depend.

News reports inform us how hackers strike hospitals with ransomware that prevents staff from accessing patient records or scheduling appointments. Unfortunately, medical equipment also can be hacked and shut down remotely as a form of extortion. Criminal hackers will not ask for a $500 payment to unlock an MRI, PET or CT scan, or X-ray machine?they will ask for much more.

Litigation is bound to follow and the resulting punitive awards will drive up hospital insurance costs and healthcare costs in general. This will undoubtedly result in increased regulations for hospitals and higher costs for compliance. Unless hospitals and other healthcare facilities take the steps necessary to secure their medical-grade networks, they will be targeted for cyber-physical attack, possibly with life-threatening consequences.

Cybersecurity for Hospitals and Healthcare Facilities is a wake-up call explaining what hackers can do, why hackers would target a hospital, the way hackers research a target, ways hackers can gain access to a medical-grade network (cyber-attack vectors), and ways hackers hope to monetize their cyber-attack. By understanding and detecting the threats, you can take action now?before your hospital becomes the next victim.

What You Will Learn:

• Determine how vulnerable hospital and healthcare building equipment is to cyber-physical attack
• Identify possible ways hackers can hack hospital and healthcare facility equipment
• Recognize the cyber-attack vectors?or paths by which a hacker or cracker can gain access to a computer, a medical-grade network server, or expensive medical equipment in order to deliver a payload or malicious outcome
• Detect and prevent man-in-the-middle or denial-of-service cyber-attacks
• Find and prevent hacking of the hospital database and hospital web application

Who This Book Is For:

Hospital administrators, healthcare professionals, hospital & healthcare facility engineers and building managers, hospital & healthcare facility IT professionals, and HIPAA professionals

Chapter 1: Hacker Reconnaissance of a Hospital Network .- Chapter 2: How Hackers Gain Access to a Hospital Network .- Chapter 3: Active Medical Device Cyber-Attacks.- Chapter 4: Medical Facility Cyber-Physical Attacks.- Chapter 5: Hospital Insider Threat.- Chapter 6: Detection of Cyber-Attacks.- Chapter 7: Preventing Cyber-Attacks.- Chapter 8: Cyber-Attack Response and Recovery Planning.- Chapter 9: Appendix. Cyber-Attack Response Procedures Template.- 

Luis Ayala is a Senior Technical Expert in the Department of Defense responsible for design, construction, and operation of Intelligence Community facilities worldwide. He is a licensed architect and holds a classified Master of Science in Technology Intelligence Degree from the National Intelligence University.

A one-of-a-kind action plan describing how hackers attack hospital and healthcare facility equipment, the extent of damage possible, and how to respond when a cyber-physical attack occurs

One of few books on cybersecurity that address cyber-physical attacks directed against hospital and healthcare facilities and equipment

Introduces concepts such as hospital cyber-attack vectors (e.g., removable media, email, supply chain, cyber-drone, and more)