BSides Oslo 2023 on September 21, 2023 at Vulkan Arena - Inside the Cyber Operating Room: Delving into Medical Device Digital Forensics

Inside the Cyber Operating Room: Delving into Medical Device Digital Forensics

  • Length: 45 minutes.
  • Scheduled: 13:55 (UTC+2)

In an ever evolving healthcare landscape that is driven mostly by technological advancements, ensuring the security and availability of medical devices is crucial. The focus of these devices is to provide supportive medical care to patients. This is where bits and bytes meet blood and flesh.

The ever-changing landscape does present a unique challenge in DFIR (digital forensic incident response). In this talk, we step into the cyber operating room to dissect the complexities, processes, and potential solutions involved in conducting forensics on a medical device. Did you know that cyber breaches within hospitals have increased by 200% in the last year? This means that we need to deal with vulnerable medical devices and cyber breaches that may contain medical devices.

Medical devices are often seen as magical devices that have magical powers to keep humans alive. But when you dissect it down to the bits and bytes, there are commonalities that allow for old forensic techniques to be applied in new ways. Step into the Cyber Operating Room with us and embark on a journey where we confront the challenges of medical device forensics head-on.

Through knowledge, collaboration, and innovative solutions, we can ensure the safety, privacy, and reliability of medical devices in the face of evolving cyber threats. The talk will contain real life examples and walkthroughs of forensics on actual medical devices.

Veronica Schmitt

Veronica Schmitt

Veronica started her forensic career in 2008. Veronica is also an assistant professor at Noroff University in Norway, where she replaced a warm climate with a more adventurous one. Veronica holds a Master in Science at Rhodes University in Information Security with a specialisation in the forensic analysis of malware. She is currently doing her PhD in cybersecurity at the University of Plymouth in the UK. Her PhD is about designing robust logs for medical devices. She prides herself on keeping patients safe, as this is something close to her heart (quite literally). She is also a cyborg, sporting an embedded medical device herself. She is also a DEF CON goon, and she is the founder of DC2751, and the OWASP Kristiansand project. She has a love for all things ransomware and understands the low level details forensically.

Her particular research interests include research into security vulnerabilities in medical devices forming part of the Internet of Things, and how these could be exploited by malicious attackers, as well as what types of forensic artefacts could be identified from any attacks. She believes that incident response should be something that is continuously done and improved on. She is extremely passionate about protecting people whose lives depend on these medical devices, and her passion led her to become a researcher within an MDM. She is also developing a digital forensics and incident response approach dealing specifically with implanted medical devices and medical devices installed within a healthcare setting. At her core, Veronica is a forensicator and hacker, in love with every bit, byte, and nibble of knowledge she has obtained. She has a strong belief that the o in logs stands for observability. Knowing what a problem is is half the battle, she believes.

Emlyn Butterfield

Emlyn Butterfield

Emlyn is Head of Computing and Programme Leader for the Bachelor in Digital Forensics at Noroff University College. Prior to moving to Norway Emlyn developed and ran undergraduate and postgraduate awards in digital forensics and cyber security in the UK. Emlyn Emlyn has experience of providing both professional and expert verbal evidence in Crown Court and tribunals, and providing technical expertise and guidance to both the prosecution and defence. Emlyn’s experience brings together the worlds of academia and industry. He is also the co-founder of OWASP Kristiansand project.