| Document Type
|
:
|
BL
|
| Record Number
|
:
|
602288
|
| Doc. No
|
:
|
b431507
|
| Main Entry
|
:
|
Ayala, Luis
|
| Title & Author
|
:
|
Cybersecurity for hospitals and healthcare facilities : : a guide to detection and prevention /\ Luis Ayala
|
| Page. NO
|
:
|
1 online resource (147 pages) :: illustrations (some color)
|
| ISBN
|
:
|
1484221559
|
|
|
:
|
: 9781484221556
|
|
|
:
|
: 9781484221549
|
|
|
:
|
: 1484221540
|
|
|
:
|
1484221540
|
| Contents
|
:
|
At a Glance; Contents; About the Author; About the Technical Reviewer; Preface; Introduction; Chapter 1: Hacker Reconnaissance of a Hospital Network; Footprinting; Scanning; Enumeration; Network Mapping; Cyber-Threat Actors; Chapter 2: How Hackers Gain Access to a Healthcare Facility or Hospital Network; Phishing Attack; Email Phishing Attack; Man-in-The-Middle Attacks; Pharming Attack; Indirect Cyber-Attack; Scareware; Ransomware; USB Stick; Auto-Hacking Attack; Backdoors; Ad Hoc Network; Unpatched Vulnerabilities; Appliance Hacks; Password Cracker; Denial-of-Service Attack
|
|
|
:
|
Black Hole AttackSecondary Entry Points; Modems; Rogue Access Points; Chapter 3: Active Medical Device Cyber-Attacks; Magnetic Resonance Imaging (MRI); X-ray Generator (X-ray); Infusion Pump; Positron Emission Tomography (PET) Scanner; X-ray Computed Tomography (CT) Scanner; Defibrillators; Medical Ventilator; Anesthetic Machine; Heart-Lung Machine; Extracorporeal Membrane Oxygenation (ECMO); Dialysis Machine; Medical Lasers; Robotic Surgical Machine; Medical Device Data Systems (MDDS); Active Patient Monitoring Devices; Interoperable Medical Devices; Medical Image Storage Devices
|
|
|
:
|
Medical Image Communications DevicesMedical Laboratory; Electronic Health Records (EHR); Barcode Scanning Systems; Chapter 4: Medical Facility Cyber-Physical Attacks; Building Controls System; Facility Equipment Controlled by the BCS; BCS Network Vulnerabilities; Preventing Hospital Building Equipment Damage; Facility Equipment Cyber-Physical Attacks; Steam Boilers; Boiler Sequence Controller Hack; Hot Water Heater Explosion; Chillers; Cooling Tower; Backup Generator; Chapter 5: Hospital Insider Threat; Types of Insider Threats; Types of Insider Cyber-Attacks; Insider Hacking Tools; Software
|
|
|
:
|
HardwareChapter 6: Detection of Cyber-Attacks; Indicators of a Possible Cyber-Attack; Cyber-Attack Detection Tools; Intrusion Detection Systems; Intrusion Detection System Alarms; Intrusion Prevention System; Firewalls; Antivirus Programs; Forensic Evidence of a Cyber-Attack; Rootkits; Run Intrusion Detection System; Chapter 7: Preventing Cyber-Attacks; Cyber-Hygiene; Step 1. Physical Access to Equipment and Workplace; Step 2. Eliminate Common MGN Vulnerabilities; Step 3. Monitor Access to the MGN; Network Procurement Documentation
|
|
|
:
|
Discontinue Remote Connections to the Medical Equipment NetworkImplement Application Whitelisting; Systematic Patch Management Regimen; Reduce the Attack Surface; Build a Defendable Network Environment; Manage Authentication; Monitor and Respond; Do Not Use Medical Equipment Networks for Anything Else; Cybersecurity Analysis Tools; How to Avoid Phishing Scams; Chapter 8: Cyber-Attack Response and Recovery Planning; Developing a Response and Recovery Plan; Incident Response Teams; Recovery Phases; Phase 1: Detection; Phase 2: Mitigation; Phase 3: Recovery; The After Action Report
|
| Abstract
|
:
|
Learn how to detect and prevent the hacking of medical equipment at hospitals and healthcare facilities. A cyber-physical attack on building equipment pales in comparison to the damage a determined hacker can do if he/she gains access to a medical-grade network as a medical-grade network controls the diagnostic, treatment, and life support equipment on which lives depend. News reports inform us how hackers strike hospitals with ransomware that prevents staff from accessing patient records or scheduling appointments. Unfortunately, medical equipment also can be hacked and shut down remotely as a form of extortion. Criminal hackers will not ask for a $500 payment to unlock an MRI, PET or CT scan, or X-ray machinethey will ask for much more. Litigation is bound to follow and the resulting punitive awards will drive up hospital insurance costs and healthcare costs in general. This will undoubtedly result in increased regulations for hospitals and higher costs for compliance. Unless hospitals and other healthcare facilities take the steps necessary to secure their medical-grade networks, they will be targeted for cyber-physical attack, possibly with life-threatening consequences. Cybersecurity for Hospitals and Healthcare Facilities is a wake-up call explaining what hackers can do, why hackers would target a hospital, the way hackers research a target, ways hackers can gain access to a medical-grade network (cyber-attack vectors), and ways hackers hope to monetize their cyber-attack. By understanding and detecting the threats, hospital administrators can take action nowbefore their hospital becomes the next victim. This book shows you how to: Determine how vulnerable hospital and healthcare building equipment is to cyber-physical attack. Identify possible ways hackers can hack hospital and healthcare facility equipment. Recognize the cyber-attack vectorsor paths by which a hacker or cracker can gain access to a computer, a medical-grade network server, or expensive medical equipment in order to deliver a payload or malicious outcome. Detect and prevent man-in-the-middle or denial-of-service cyber-attacks. Detect and prevent hacking of the hospital database and hospital web application
|
| Subject
|
:
|
Computer security
|
| Subject
|
:
|
Internet-- Security measures
|
| Subject
|
:
|
Health facilities-- Security measures
|
| Subject
|
:
|
Computer Science
|
| Subject
|
:
|
Security
|
| Subject
|
:
|
Systems and Data Security
|
| Subject
|
:
|
Operating Systems
|
| Subject
|
:
|
Computer Security
|
| Dewey Classification
|
:
|
004
|
| LC Classification
|
:
|
QA76.9.A25
|
| NLM classification
|
:
|
W 26.5
|
| Added Entry
|
:
|
Ohio Library and Information Network
|