This is one of those case studies that gives you goosebumps thinking about the current state of cybersecurity in the healthcare industry. For example, a medical laser being infected by malware. Read on for the details.
A regional health system with more than 13,000 employees
- 300+ Locations
- 100+ Communities
The organization has a predominately Cisco network infrastructure. Their existing technology lacked the ability to prevent or detect malicious files from entering their environment.
Infogressive deployed an advanced malware prevention solution.
Upon deploying the technology, a number of existing assets were found to be already compromised and communicating with command and control infrastructure. Included in those compromised hosts, was a system infected with a Conficker variant. That system turned about to be a controller for a laser designed to cut out cancer cells/tumors.
The Sad State of Embedded Healthcare Systems
When this healthcare organization contacted the manufacturer of the laser to address the Conficker infection, the response was along the lines of “You can’t patch or edit the embedded operating system as it will void your warranty.” The decision was made by the organization to just segment the laser system behind a firewall so that it wouldn’t spread to the rest of the environment and go about business as usual, leaving the malware infected machine to perform life-saving procedures.
Hear the case study from the view of our Founder and CEO, Justin Kallhoff: