Healthscare – An Insider's Biopsy of Healthcare Application Security

Dive into a critical examination of healthcare application security in this 42-minute Black Hat conference talk. Explore vulnerabilities and design issues within various clinical systems, including radiology reading, EMR downtime, patient entertainment, pharmacy distribution, nurse communication, M&A EMR, clinical documentation, and temperature monitoring. Analyze the dissection of numerous healthcare solutions, revealing a concerning prognosis for hospital enterprise security. Follow Seth Fogie's in-depth investigation of clinical productivity software, drug dispensaries, imaging systems, and downtime devices. Learn about decrypting client-side data, SQL account decryption, binary patching, and privileged escalation. Discover red flag indicators and gain insights into Penn Med's approach to addressing these security challenges. Understand the critical need for improved healthcare application security and explore potential solutions for the future.

Intro
Alice and Bob at the Black Hat Clinic
What is Clinical Productivity Software?
Decrypting Client Side Data
Clinical Productivity System Findings
What is a Drug Dispensary?
Authenticated Users and Configuration Files
SQL Account Decryption
UA* Account Decryption
Drug Cabinet System Findings
Clinical Imaging System
IDA Review Process
Patching the Binary
Administrator Tool Patched
Imaging System Findings
Downtime Device Security
Crack the Hash
Cracking Downtime Device Hashes
Generic User Space
Privileged Escalation
Downtime Device Key Extract
Downtime Device Findings
Findings Summary
Red Flag Indicators
What are we doing at Penn Med?
Where to from here?