Michael Aguilar (v3ga)
A Backdoor Into My Heart: Connected Medical Device Security in the 21st Century
Bio:
Michael Aguilar (v3ga) is a Principal Consultant for Secureworks Adversary Group. He runs Adversary Simulation operations, Physical Security and Network/Web-based assessments. When not doing computer things, he (I) read a lot and like to run to de-stress.
Abstracts:
Talk:
A Backdoor Into My Heart: Connected Medical Device Security in the 21st Century
We are at an advanced age in technology. In every facet, AI seems prevalent, leading many to assume that cybersecurity practices are as advanced as the newest technologies they see daily. With recent FDA updates to Cybersecurity, it is now "expected" that no security "vulnerabilities" exist in these devices before they are sold. Artifacts presented for FDA 510-k submissions include results from Penetration Tests and Adversary Simulations, but are the results any good? Do they address modern flaws in the Operating System or Technology Stack?
This talk will be a deep dive into the world of connected medical devices, the flaws experienced, my methodology, some walkthroughs of several CVEs I have located during device testing at Defcon's Biohacking Village device lab, and some interesting war stories. I will also cover unreleased flaws in various medical devices without naming and shaming.
Workshop:
Med Team vs Red Team: Adversarial Medical Device Testing 101
Connected medical device and medical device security assessments utilize a varying and wide range of practices, from reverse engineering to hardware exploitation. If you have ever been curious about how to get started, this is the class for you. We will be covering how to get started in Adversarial Device testing, tooling, tactics and certain bypasses to restrictions you may encounter during testing these devices. Use the tactics learned to exploit devices within the Device Lab!
Description:
- Students should have a basic understanding of general Operating Systems such as Windows and Linux.
- Recommended to have a Windows VM (Win 10 with Visual Studio for C# programming) and Linux VM (Kali or other with MSFVenom, Metasploit, Python3, Python3 pip, boofuzz (pip install))
- If you do not have a VM that is OK, we will be coding on the screen for examples used in the course.
Topics:
- Attacks against medical protocols like HL7 and DICOM.
- Effective use of tools such as Bash Bunny, Flipper Zero and PCI Screamer against target systems.
- Kiosk Breakouts!!!!
- System / Antivirus / AppLocker bypasses against Windows Systems
- Linux Library Hijacking and exploitation
- Post exploitation methodology and reverse engineering tactics to locate vulnerabilities such as static encryption keys and hardcoded passwords.