Cybersecurity for Hospitals and Healthcare Facilities: A Guide to Detection and Prevention

Luis Ayala

  • 出版商: Apress
  • 出版日期: 2016-09-07
  • 售價: $2,840
  • 貴賓價: 9.5$2,698
  • 語言: 英文
  • 頁數: 129
  • 裝訂: Paperback
  • ISBN: 1484221540
  • ISBN-13: 9781484221549
  • 相關分類: 資訊安全
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

This book is a wake-up call explaining how to detect and prevent the hacking of medical equipment at hospitals and healthcare facilities. The vulnerability of the medical equipment inside the hospital to cyber-attacks far eclipses the actual building equipment. A cyber-physical attack on building equipment pales in comparison to the damage a determined hacker can do if he/she gains access to a medical grade network. A medical grade network controls the diagnostic, treatment and life support equipment on which lives depend.

Recent news reports how hackers struck hospitals with ransomware that prevented staff from accessing patient records or scheduling appointments. Unfortunately, medical equipment can also be hacked and shut down remotely as a form of extortion. Criminal hackers will not ask for a $500 payment to unlock an MRI, PET, CT Scan, or X-Ray machine―they will ask for much more.

Litigation is bound to follow and the resulting punitive awards will drive up hospital insurance costs and healthcare costs in general. This will undoubtedly result in increased regulations for hospitals and higher costs for compliance. Unless hospitals and other healthcare facilities take the steps necessary now to secure their medical grade networks, they will be targeted for cyber-physical attack, possibly with life-threatening consequences.  

Cybersecurity for Hospitals and Healthcare Facilities shows what hackers can do, why hackers would target a hospital, the way they research a target, ways they can gain access to a medical grade network (cyber-attack vectors), and ways they hope to monetize their cyber-attack. By understanding and detecting the threats, hospital administrators can take action now – before their hospital becomes the next victim.

What you’ll learn

  • How to determine how vulnerable hospital and healthcare building equipment is to cyber-physical attack.
  • How to identify possible ways hackers can hack hospital and healthcare facility equipment.
  • How to recognize the cyber-attack vectors―or paths by which a hacker or cracker can gain access to a computer, a medical grade network server or expensive medical equipment in order to deliver a payload or malicious outcome.
  • How to detect and prevent man-in-the-middle or denial of service cyber-attacks.
  • How to detect and prevent hacking of the hospital database and hospital web application.

Who This Book Is For

Hospital Administrators, Healthcare professionals, Hospital & Healthcare Facility Engineers and Building Managers, Hospital & Healthcare Facility IT professionals, and HIPAA professionals.

商品描述(中文翻譯)

這本書是一個警示,解釋如何檢測和防止醫療設備在醫院和醫療機構被駭客攻擊。醫院內部醫療設備對網路攻擊的脆弱性遠遠超過實際建築設備。對建築設備的網路物理攻擊與一名決心的駭客如果獲得醫療等級網路的存取權所能造成的損害相比,簡直微不足道。醫療等級網路控制著診斷、治療和生命支持設備,這些設備關乎生命。

最近的新聞報導了駭客如何利用勒索病毒攻擊醫院,導致工作人員無法訪問病歷或安排預約。不幸的是,醫療設備也可能被駭客攻擊並遠端關閉,作為一種勒索手段。犯罪駭客不會要求500美元來解鎖MRI、PET、CT掃描或X光機——他們會要求更多的贖金。

隨之而來的訴訟必然會發生,結果導致的懲罰性賠償將推高醫院的保險成本和整體醫療成本。這無疑會導致醫院面臨更多的監管要求以及更高的合規成本。除非醫院和其他醫療機構現在採取必要的步驟來保護他們的醫療等級網路,否則他們將成為網路物理攻擊的目標,可能會帶來危及生命的後果。

《醫院與醫療機構的網路安全》展示了駭客能做什麼、為什麼駭客會針對醫院、他們如何研究目標、他們可以如何獲得醫療等級網路的存取權(網路攻擊向量),以及他們希望如何從網路攻擊中獲利。通過理解和檢測威脅,醫院管理者可以立即採取行動——在他們的醫院成為下一個受害者之前。

你將學到的內容:
- 如何判斷醫院和醫療建築設備對網路物理攻擊的脆弱性。
- 如何識別駭客可能入侵醫院和醫療機構設備的方式。
- 如何識別網路攻擊向量——即駭客或破解者獲得計算機、醫療等級網路伺服器或昂貴醫療設備存取權的路徑,以便傳送有效載荷或造成惡意結果。
- 如何檢測和防止中間人攻擊或拒絕服務攻擊。
- 如何檢測和防止醫院資料庫和醫院網頁應用程式的駭客攻擊。

本書適合對象:
醫院管理者、醫療專業人員、醫院及醫療機構工程師和建築經理、醫院及醫療機構IT專業人員,以及HIPAA專業人員。