2024-12-14 –, Track 3
In recent years, healthcare institutions have become prime targets for cyber attackers. The sector, suffering from a lack of resources and limited knowledge of the specific protocols related to its operations, remains particularly vulnerable despite advancements in detection systems. This reality raises crucial challenges in a field where protecting data is as vital as patient care.
This presentation focuses on the DICOM protocol, its functionality, and its use in medical imaging. We will explain why it has become a prime target for cyber attackers and reveal an offensive tool capable of extracting data from a DICOM server.
Finally, we will discuss current protection methods, their limitations, and present concrete measures to strengthen the security of these critical infrastructures.
By attending this conference, you will gain a deep understanding of the DICOM protocol, its vulnerabilities, and the best ways to prepare for emerging threats and future risks.
By the end of this presentation, you will have acquired in-depth knowledge of the DICOM protocol, its use in the medical field, and its technical format. You will understand the dangers of exposing DICOM servers on the web, as well as the risks to the security of medical data within healthcare infrastructures. Additionally, you will discover an offensive tool illustrating methods for extracting sensitive data from a medical server and learn how to identify signs of malicious activity to better prevent and counter these threats.
I’m 0xSeeker, currently CTI & CTH analyst in the purple team @Gatewatcher. Part of my cybersecurity experience, I've spent 6 years focusing on red team and CTI on industrial area.