Skip to main content
SpringerLink
Log in

How Hackers Gain Access to a Healthcare Facility or Hospital Network

  • Chapter
  • First Online:
Cybersecurity for Hospitals and Healthcare Facilities

Abstract

This is where the hacker begins to exploit the hospital’s network. The hacker gains access to an active medical device on a hospital network in any one of dozens of ways. Having successfully carried out a spear-phishing campaign, the hacker knows who the network administrator is, who the technicians are, and has even obtained some email addresses for hospital staff from attendee lists at medical conferences posted to the Internet. Hospital directories are also a good source of information. When an unsuspecting hospital employee opens an email claiming to be from a bank, the IRS, hospital HR, or from a spoofed name of a friend, the malicious payload is delivered. Fully 78 percent of phishing emails will impersonate hospital IT department or anti-virus vendor.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 79.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Davey Winder. “Phish Your Own Staff: Arming Employees to Beat Modern Attacks,” Infosecurity, Nov. 28, 2014.

  2. 2.

    http://www.verizonenterprise.com/DBIR/2015/

  3. 3.

    https://www.knowbe4.com/what-is-cryptolocker-ransomware/

  4. 4.

    A media access control address (MAC address), also called a physical address, of a computer is a unique identifier assigned to network interfaces for communications on the physical network segment.

  5. 5.

    Kim Zetter, “It’s Insanely Easy to Hack Hospital Equipment,” Wired magazine, April 25, 2014.

  6. 6.

    Connor Mannion, “Three U.S. Hospitals Hit in String of Ransomware Attacks,” NBC News, March 23, 2016.

  7. 7.

    Connor Mannion, “Three U.S. Hospitals Hit in String of Ransomware Attacks,” NBC News, March 23, 2016.

  8. 8.

    US-CERT Alert (TA16-091A) Ransomware and Recent Variants Original release date: March 31, 2016. Last revised: May 6, 2016.

  9. 9.

    https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx

  10. 10.

    Charlie Osborne, “Tick, tock: Jigsaw ransomware deletes your files as you wait,” ZDNet, April 22, 2016.

Author information

Authors and Affiliations

  1. Fredericksburg, Virginia, USA

    Luis Ayala

Authors
  1. Luis Ayala
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Luis Ayala

About this chapter

Cite this chapter

Ayala, L. (2016). How Hackers Gain Access to a Healthcare Facility or Hospital Network. In: Cybersecurity for Hospitals and Healthcare Facilities. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-2155-6_2

Download citation

Publish with us

Policies and ethics

Search

Navigation