Muutke küpsiste eelistusi

E-raamat: Cybersecurity for Hospitals and Healthcare Facilities: A Guide to Detection and Prevention

3.67/5 (5 hinnangut Goodreads-ist)
  • Formaat: PDF+DRM
  • Ilmumisaeg: 06-Sep-2016
  • Kirjastus: APress
  • Keel: eng
  • ISBN-13: 9781484221556
Teised raamatud teemal:
  • Formaat - PDF+DRM
  • Hind: 80,26 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Lisa ostukorvi
  • Lisa soovinimekirja
  • See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.
Cybersecurity for Hospitals and Healthcare Facilities: A Guide to Detection and PreventionSuurem pilt
  • Formaat: PDF+DRM
  • Ilmumisaeg: 06-Sep-2016
  • Kirjastus: APress
  • Keel: eng
  • ISBN-13: 9781484221556
Teised raamatud teemal:

DRM piirangud

  • Kopeerimine (copy/paste):

    ei ole lubatud

  • Printimine:

    ei ole lubatud

  • Kasutamine:

    Digitaalõiguste kaitse (DRM)
    Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale  Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

    Vajalik tarkvara
    Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

    PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

    Seda e-raamatut ei saa lugeda Amazon Kindle's. 

Learn how to detect and prevent the hacking of medical equipment at hospitals and healthcare facilities. A cyber-physical attack on building equipment pales in comparison to the damage a determined hacker can do if he/she gains access to a medical-grade network as a medical-grade network controls the diagnostic, treatment, and life support equipment on which lives depend.

News reports inform us how hackers strike hospitals with ransomware that prevents staff from accessing patient records or scheduling appointments. Unfortunately, medical equipment also can be hacked and shut down remotely as a form of extortion. Criminal hackers will not ask for a $500 payment to unlock an MRI, PET or CT scan, or X-ray machinethey will ask for much more.

Litigation is bound to follow and the resulting punitive awards will drive up hospital insurance costs and healthcare costs in general. This will undoubtedly result in increased regulations for hospitals and higher costs for compliance. Unless hospitals and other healthcare facilities take the steps necessary to secure their medical-grade networks, they will be targeted for cyber-physical attack, possibly with life-threatening consequences.





Cybersecurity for Hospitals and Healthcare Facilities is a wake-up call explaining what hackers can do, why hackers would target a hospital, the way hackers research a target, ways hackers can gain access to a medical-grade network (cyber-attack vectors), and ways hackers hope to monetize their cyber-attack. By understanding and detecting the threats, you can take action nowbefore your hospital becomes the next victim.

What You Will Learn:















Determine how vulnerable hospital and healthcare building equipment is to cyber-physical attack Identify possible ways hackers can hack hospital and healthcare facility equipment Recognize the cyber-attack vectorsor paths by which a hacker or cracker can gain access to a computer, a medical-grade network server, or expensive medical equipment in order to deliver a payload or malicious outcome Detect and prevent man-in-the-middle or denial-of-service cyber-attacks Find and prevent hacking of the hospital database and hospital web application









































Who This Book Is For:





Hospital administrators, healthcare professionals, hospital & healthcare facility engineers and building managers, hospital & healthcare facility IT professionals, and HIPAA professionals
About the Author xiii
About the Technical Reviewer xv
Preface xvii
Introduction xix
Chapter 1 Hacker Reconnaissance of a Hospital Network
1(8)
Footprinting
2(2)
Scanning
4(2)
Enumeration
6(1)
Network Mapping
7(1)
Cyber-Threat Actors
8(1)
Chapter 2 How Hackers Gain Access to a Healthcare Facility or Hospital Network
9(10)
Phishing Attack
9(1)
Email Phishing Attack
10(1)
Man-in-The-Middle Attacks
10(2)
Pharming Attack
12(1)
Indirect Cyber-Attack
12(1)
Scareware
12(1)
Ransomware
12(2)
USB Stick
14(1)
Auto-Hacking Attack
15(1)
Backdoors
15(1)
Ad Hoc Network
15(1)
Unpatched Vulnerabilities
16(1)
Appliance Hacks
16(1)
Password Cracker
16(1)
Denial-of-Service Attack
17(1)
Black Hole Attack
17(1)
Secondary Entry Points
17(1)
Modems
18(1)
Rogue Access Points
18(1)
Chapter 3 Active Medical Device Cyber-Attacks
19(20)
Magnetic Resonance Imaging (MRI)
20(1)
X-ray Generator (X-ray)
21(1)
Infusion Pump
22(3)
Positron Emission Tomography (PET) Scanner
25(1)
X-ray Computed Tomography (CT) Scanner
25(1)
Defibrillators
26(1)
Medical Ventilator
26(1)
Anesthetic Machine
27(1)
Heart-Lung Machine
28(1)
Extracorporeal Membrane Oxygenation (ECMO)
28(1)
Dialysis Machine
28(1)
Medical Lasers
29(1)
Robotic Surgical Machine
30(1)
Medical Device Data Systems (MDDS)
31(1)
Active Patient Monitoring Devices
32(1)
Interoperable Medical Devices
33(1)
Medical Image Storage Devices
33(1)
Medical Image Communications Devices
34(1)
Medical Laboratory
34(1)
Electronic Health Records (EHR)
35(1)
Barcode Scanning Systems
36(3)
Chapter 4 Medical Facility Cyber-Physical Attacks
39(8)
Building Controls System
39(1)
Facility Equipment Controlled by the BCS
40(1)
BCS Network Vulnerabilities
41(1)
Preventing Hospital Building Equipment Damage
42(1)
Facility Equipment Cyber-Physical Attacks
43(1)
Steam Boilers
43(1)
Boiler Sequence Controller Hack
44(1)
Hot Water Heater Explosion
44(1)
Chillers
44(1)
Cooling Tower
44(1)
Backup Generator
45(2)
Chapter 5 Hospital Insider Threat
47(6)
Types of Insider Threats
47(3)
Types of Insider Cyber-Attacks
50(1)
Insider Hacking Tools
51(2)
Software
51(1)
Hardware
51(2)
Chapter 6 Detection of Cyber-Attacks
53(8)
Indicators of a Possible Cyber-Attack
53(1)
Cyber-Attack Detection Tools
54(1)
Intrusion Detection Systems
55(2)
Intrusion Detection System Alarms
57(1)
Intrusion Prevention System
57(2)
Firewalls
58(1)
Antivirus Programs
58(1)
Forensic Evidence of a Cyber-Attack
59(2)
Rootkits
59(1)
Run Intrusion Detection System
60(1)
Chapter 7 Preventing Cyber-Attacks
61(14)
Cyber-Hygiene
61(4)
Step 1 Physical Access to Equipment and Workplace
61(1)
Step 2 Eliminate Common MGN Vulnerabilities
62(1)
Step 3 Monitor Access to the MGN
63(2)
Network Procurement Documentation
65(3)
Discontinue Remote Connections to the Medical Equipment Network
68(1)
Implement Application Whitelisting
68(1)
Systematic Patch Management Regimen
68(1)
Reduce the Attack Surface
69(1)
Build a Defendable Network Environment
69(1)
Manage Authentication
69(1)
Monitor and Respond
69(1)
Do Not Use Medical Equipment Networks for Anything Else
69(1)
Cybersecurity Analysis Tools
69(3)
How to Avoid Phishing Scams
72(3)
Chapter 8 Cyber-Attack Response and Recovery Planning
75(4)
Developing a Response and Recovery Plan
75(1)
Incident Response Teams
76(1)
Recovery Phases
77(1)
Phase 1 Detection
77(1)
Phase 2 Mitigation
77(1)
Phase 3 Recovery
78(1)
The After Action Report
78(1)
Chapter 9 Appendix. Cyber-Attack Response Procedures Template
79(46)
Hospital Cyber-Attack Response Procedures
81(1)
Intrusion Detection System Alerts
81(2)
Cybersecurity Contacts
83(1)
Cybersecurity Breach Reporting Form -- Page 1
84(1)
Cybersecurity Breach Reporting Form -- Page 2
85(1)
Incident Response Team Strategy Meeting Form
86(1)
Cyber-Event Diagnostics Table
87(2)
Integrity Check Table
89(1)
Hospital Building Inspection -- Page 1
90(1)
Hospital Building Inspection -- Page 2
91(3)
Other Hospital Equipment to Be Checked
92(2)
Cyber Event Ticket
94(2)
Equipment or Service Failure Report
96(3)
Hospital Incident Response Team Member Listing
99(1)
Repair Work Order Listing
100(1)
Recovery and Device Reintegration
101(2)
Building Controls System Recovery and Reintegration
103(2)
Building Controls System Field Test
105(1)
Operational Security Log
106(1)
Medical Network Recovery and Device Reintegration
107(2)
Hospital Data Network Information
109(3)
Building Controls System Network Information
112(3)
Medical Device and Equipment Vendor Contact List
115(2)
List of Authorized Maintenance Laptop Computers
116(1)
Vulnerability Assessments History
117(1)
Types of Internal and External Vulnerability Tests
117(1)
Vulnerabilities Notifications Reports
118(1)
Hospital Data Network Vulnerabilities Notifications Report
119(2)
Hospital Data Network Software Management Report
120(1)
Building Controls System Network Vulnerabilities Notifications Report
121(2)
Building Controls System Network Software Management Report
122(1)
Medical Device Data System Vulnerabilities Notifications Report
123(1)
Medical Device Data System Software Management Report
124(1)
Index 125
Luis Ayala is a Senior Technical Expert in the Department of Defense responsible for design, construction, and operation of Intelligence Community facilities worldwide. He is a licensed architect and holds a classified Master of Science in Technology Intelligence Degree from the National Intelligence University.
Lisainfo e-raamatute kohta Lisainfo e-raamatute kohta
Püsilink: https://www.kriso.ee/db/97814842215562e.html
Märksõnad: