Risk Management Webinar Series - MedmarcStep 1 Perform a Traditional Security Assessment Open source...

CYBER BREACH

Tactical Network Solutions LLC Proprietary Information [email protected] 1

Preventing Bodily Injury and Property Damage

mailto:[email protected]?subject=

THE WORLD WE KNOW TODAY



INTERNET SECURITY CAMERAS



IoT BOTNET



WE WARNED YOU IN 2013



BUT YOU STILL GOT SUED



AND THE BEAT GOES ON…



MEDICAL DEVICES



THE STORY



VERSUS



THE COST



ELEMENT


IMPACTFraud losses, legal fees,new security measures

$Millions to $Billionsin costs


ELEMENT




Drop in stock & profits 5% to 10% drop in stock


ELEMENT




Drop in stock & profits 5% to 10% drop in stock

Brand valueBrand index scores immediately drop to negative


ELEMENT


IMPACT

Credit rating S&P cuts credit rating


ELEMENT


IMPACT


Job security Executive shake-ups


ELEMENT


IMPACT


Job security Executive shake-ups

Customers leave Some customers never return


DISCOVERING ATTACK VECTORS



AS EASY AS 1, 2, 3

Tactical Network Solutions LLC Proprietary Information [email protected]

Step 1 Unpack the Firmware ImageOpen source tool called binwalk can unpack most firmware images.

Step 2 Analyze Executable Binaries and System FilesLook for low-hanging fruit like insecure coding practices and hidden private crypto keys.

Step 3 Fix, Compile, RepeatReplace insecure coding practices with secure methods. Remove all private crypto keys. Recompile code. Re-examine.

30


BUT MY SOURCE CODE IS SECURE!



HOW TO MITIGATE CYBER SECURITY RISKSIN CONNECTED MEDICAL DEVICES


Step 1 Perform a Traditional Security AssessmentOpen source tools such as Nmap, Nessus, and Metasploit can help.

Step 2 Perform Blackbox Testing with FuzzingOpen source tools: w3af, Wfuzz, Wapiti. Commercial tools: Defensics.

Step 3 Perform a Firmware EvaluationOpen source tool: binwalk, gdb, OllyDbg. Commercial tools: Centrifuge Security Platform.

40


WHO ISTACTICAL NETWORK SOLUTIONS



Founded 2007


Founders are former NSA/TAO employeesOffensive cyber operations focus12 Employees

42


MANAGEMENT TEAM


Terry Dunlap, Founder & CEONational Security Agency - 7 years experienceComputer Network Exploitation wireless tool developmentActing Branch Chief

Peter Eacmen, Co-Founder & CTONational Security Agency - 10+ years experienceComputer Network Exploitation tool developmentClose access operation supportEmbedded directly with USSOCOM unit at NSA

43


FIRMWARE EVALUATION TEAM


10 EmployeesFormer NSA Computer Network Exploitation specialists in firmware reverse engineering

44


CUSTOMERS



CONTACT


Terry [email protected] (C)

Peter [email protected] (C)

Tactical Network Solutions LLC8825 Stanford Blvd., Suite 308

Columbia, MD 21045(443) 276-2990

46


mailto:[email protected]


Risk Management Webinar Series - MedmarcStep 1 Perform a Traditional Security Assessment Open source...

Documents

Transcript of Risk Management Webinar Series - MedmarcStep 1 Perform a Traditional Security Assessment Open source...