Carrying our Insecurities with Us The Risks of Implanted Medical Devices in Secure Spaces

Channel:
United States All Hacking Cons
Subscribers:
6,000
Published on ● Video Link: https://www.youtube.com/watch?v=fCLVHXCwKN0


Duration: 39:45
7 views
0

Alan Michaels | Director, Electronic Systems Lab, Virginia Tech Hume Center
Date: Wednesday, August 5 | 10:00am-10:40am
Format: 40-Minute Briefings
Tracks: Policy, Human Factors

This talk explores the contradiction of allowing increasingly smart Implanted Medical Devices (IMD) in secure spaces through the combination of policy amendments and technical mitigations. The number of IMDs in use in the United States has been steadily increasing as new technologies emerge and improve. In the context of the U.S national security workforce, current guiding policy prohibits the possession and use of many portable electronic devices (PEDs) and "smart" devices, including smart IMDs, in secure spaces. Given that these smart devices are increasingly connected by two-way communications protocols, have embedded memory, possess a number of mixed-modality transducers, and are trained to adapt to their environment and host with artificial intelligence (AI) algorithms, they represent significant concerns to the security of protected data, while also delivering increasing, and often medically necessary, benefits to their users. By analyzing the risks and benefits of various policy considerations, we conclude that there is a need to amend Intelligence Community Policy Memorandum (ICPM) 2005-700-1, Annex D, Part I to include smart IMDs to remain compliant with Intelligence Community Policy Guidance (ICPG) 110.1. Additionally, we propose a series of technical and policy mitigations applicable to these smart IMDs that balance the simultaneous constraints of medical necessity and security.

Black Hat - USA - 2020 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2022-01-09Experimenting with Real Time Event Feeds
2022-01-09My Cloud is APT's Cloud Investigating and Defending Office 365
2022-01-09Building a Vulnerability Disclosure Program that Works for Election Vendors and Hackers
2022-01-09EtherOops: Exploring Practical Methods to Exploit Ethernet Packet-in-Packet Attacks
2022-01-09Exploiting Kernel Races through Taming Thread Interleaving
2022-01-09Needing the DoH: The Ongoing Encryption and Centralization of DNS
2022-01-09Building Cyber Security Strategies for Emerging Industries in Sub Saharan Africa
2022-01-09FASTCash and INJX Pure How Threat Actors Use Public Standards for Financial Fraud
2022-01-09CloudLeak: DNN Model Extractions from Commercial MLaaS Platforms
2022-01-09NoJITsu: Locking Down JavaScript Engines
2022-01-09Carrying our Insecurities with Us The Risks of Implanted Medical Devices in Secure Spaces
2022-01-09Finding New Bluetooth Low Energy Exploits via Reverse Engineering Multiple Vendors' Firmwares
2022-01-09Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities
2022-01-09Office Drama on macOS
2022-01-09Fooling Windows through Superfetch
2022-01-09A Decade After Stuxnet's Printer Vulnerability Printing is Still the Stairway to Heaven
2022-01-09Decade of the RATs Custom Chinese Linux Rootkits for Everyone
2022-01-09Hacking Public Opinion
2022-01-09IMP4GT IMPersonation Attacks in 4G NeTworks
2022-01-09A Framework for Evaluating and Patching the Human Factor in Cybersecurity
2022-01-09Demigod The Art of Emulating Kernel Rootkits


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
digital
information
hack
online
crime
code
web
concept
thief
protection
scam
fraud
malware
secure
identity
phishing
software
access
safety
theft
firewall
communication
business
privacy
account
spy
programmer
program
spyware
hacked
hacking conference
conference
learn
how to
2022
2021
cybersecurity
owned
break in
google
securing
exploit
exploitation
recon
social engineering
Alan Michaels
Human Factors
Policy