Cyberwar Gaming Prompts Healthcare Attacks
The government and military have been executing war gaming exercises to practice their attack and response capabilities. Now a day, due to the high-profile data breaches and intensified regulatory pressure, some private sector enterprises are using cyber war games in order to test their ability to respond to cyber incidents.
Last week in County West General Hospital, the IT staff observed that the kickoff off round of FDA testing for a new drug from Bromley Weyland Pharmaceuticals seemed to be subverted.
Patients in the study examined their monitor readings run the gambit of extremes. IT staff got anxious when data was being changed as they monitored the critical situation. There was an indication that someone has hacked the hospital network and that was an inside job. Fortunately, it was just an incitement at a fictional healthcare facility and the ten teams hacking into the live network were all Symantec employees who had been given the right to be a part of the company’s three-day 2015 CyberWar Games held in Mountain View, CA.
“This is helping us provide quicker, more contextual input into attacks for our customers,” said Samir Kapuria, General Manager, Cyber Security Services at Symantec. The main purpose was to motivate non-security experts to think out of the box.
The planning for creating a healthcare environment began six to eight months for this year’s healthcare scenario. “You’ve got a pharmaceutical department out there, a hospital with patients, a molecular science department, a POS system –you’ve got the whole ecosystem,” Kapurla said. It is not like hacking one company; there are inter-dependencies.
The medical devices used in the hospital were legal even though all branding was removed for the exercise. One million personal health records had been generated by a team at Symantec so that the teams would experience the immensity of encountering such a database in the real world.
Last week in County West General Hospital, the IT staff observed that the kickoff off round of FDA testing for a new drug from Bromley Weyland Pharmaceuticals seemed to be subverted.
Patients in the study examined their monitor readings run the gambit of extremes. IT staff got anxious when data was being changed as they monitored the critical situation. There was an indication that someone has hacked the hospital network and that was an inside job. Fortunately, it was just an incitement at a fictional healthcare facility and the ten teams hacking into the live network were all Symantec employees who had been given the right to be a part of the company’s three-day 2015 CyberWar Games held in Mountain View, CA.
“This is helping us provide quicker, more contextual input into attacks for our customers,” said Samir Kapuria, General Manager, Cyber Security Services at Symantec. The main purpose was to motivate non-security experts to think out of the box.
The planning for creating a healthcare environment began six to eight months for this year’s healthcare scenario. “You’ve got a pharmaceutical department out there, a hospital with patients, a molecular science department, a POS system –you’ve got the whole ecosystem,” Kapurla said. It is not like hacking one company; there are inter-dependencies.
The medical devices used in the hospital were legal even though all branding was removed for the exercise. One million personal health records had been generated by a team at Symantec so that the teams would experience the immensity of encountering such a database in the real world.
