This is one of those case studies that gives you goosebumps thinking about the current state of cybersecurity in the healthcare industry. For example, a medical laser being infected by malware. Read on for the details.
The Organization
A regional health system with more than 13,000 employees
The Environment
- 300+ Locations
- 100+ Communities
The Situation
The organization has a predominately Cisco network infrastructure. Their existing technology lacked the ability to prevent or detect malicious files from entering their environment.
The Solution
Infogressive deployed an advanced malware prevention solution.
The Results
Upon deploying the technology, a number of existing assets were found to be already compromised and communicating with command and control infrastructure. Included in those compromised hosts was a system infected with a Conficker variant. That system was a controller for a laser designed to cut out cancer cells and tumors.
The State of Embedded Healthcare Systems
When this healthcare organization contacted the manufacturer of the laser to address the Conficker infection, the response was along the lines of “You can’t patch or edit the embedded operating system as it will void your warranty.” The decision was made by the organization to just segment the laser system behind a firewall so that it wouldn’t spread to the rest of the environment and go about business as usual, leaving the malware infected machine to perform life-saving procedures.
Hear the case study from the view of our Founder and CEO, Justin Kallhoff: