News & Blog

Hospital under the hackers attack!

Hospital under the hackers attack!

The CSIRT team coordinator has received an information about the data breach and immediately issued instructions for the monitoring team to identify where the attack was coming from. Subsequently, the FW team blocked the communication channels through which the attacker was stealing the data. However, it was not possible to avert the attack … Fortunately, it is all just a game we prepared.

The world in which we live and work is exposed to an increasing number of hacker attacks that can not only disrupt the system and take control of it but also endanger human lives. Based on the experience gained from real hacker attacks we designed the second game of Guardians 2018, which goal was, again, the defense of a hospital.

Guardians 2018 as an educational activity

One of the many possible ways of preventing hacker attacks is through educational activities for students of IT departments. In a simulated and controlled situation, they can try to defend an IT environment directly under a hacker attack (by white hat hackers). This is the sort of training we provide to our clients, where our team adapts a simulated environment to the realistic image of our client’s IT infrastructure.

For the Guardians 2018, we have prepared a simulated hospital environment in which six students could test their abilities and experience proper hacker attacks.

Hospital paralyzed

Hackers were interested in accessing patients’ health records and internal communication between doctors, cracking hospital’s ordering systems and websites and gaining control over smart technology used in the building.

Guardians 2018 consisted of complex attacks without a possibility of direct detection and of so-called “brute-force” attacks. The students’ role was to block these attacks, analyze them and reveal the source and other details, including weaknesses and vulnerabilities.

These have been six hours of various attacks and incursions in the unknown environment under high levels of stress and pressure, with the team coordination being taken to its limits and the ‘guardians’ being defeated. Ultimately, Guardians 2018 was an authentic simulation and intense learning exercise, with students rating it as an excellent experience.

Students used all their abilities and skills

“One really sweats it out,” said Michal, who became the coordinator for the guardians’ team. Each of the students had a role – they were all responsible for hospital network facilities, file analysis, attack monitoring and detection, and two of the students also served as system administrators. “I was able to reveal some of my shortcomings, what I should improve, but also reaffirm what I am good at. I think everyone in the game used all their skills and knowledge,” added Michal.

A student and a member of the team, Jana, said: “I became interested in ethical hacking and I would like to continue with it. The boys were smart and I think we all had a good connection with each other and were able to create a team. It was challenging because we did not know each other before. During Wargame, however, we had to make a quick move and act.”

The game was based on real conditions

The simulation of the hospital attack was designed in such a way as to be able to show real conditions as faithfully as possible. “We designe the game environment based on the real conditions of our clients,” said Pavol Draxler, the director of the company.

After the success of Guardians 2018, foreign partners expressed an interest in collaboration for the next year, which means that the next game of Guardians could be held with several teams and internationally. If you are interested to join the game next year or have the training prepared for your company, please contact us.

Subscribefor more usefull articles


I agree and consent to and want to receive useful articles (Newsletter) by email from company Binary Confidence that contain useful articles and information from IT Security industry or about security projects or achievements of this company. Company Binary Confidence will not share my personal data with any third party for marketing or other purposes. other recipients, except company MailChimp that provides platform for sending our useful articles (Newsletters). I can withdraw my consent at any time on info@binconf.com or on +421 232199980 or by opt out link in each Newsletter email. I have read and understood the Privacy Policy and I agree how my personal data are processed and what my rights are in respect of processing my personal information for purpose of subscription for useful articles (Newsletter). I declare that I am over 16 years old.

Contact

Address

Binary Confidence s.r.o.
Špitálska 53,
811 01 Bratislava
Slovak republic

E-mail

info@binconf.com
support@binconf.com

Telephone

+421 2 321 999 80

I agree with Privacy and Data Protection Policy
By clicking [I agree] you consent to processing your personal data by company Binary Confidence s.r.o. and you accept Privacy and Data Protection Policy.