Hackers are breaking through into the networks defenses of all types of businesses, in spite of elaborate security measures.
How do they do it? Elliott Frantz knows and is going to show the tools and methods used by hackers. The founder and CEO of Virtue Security, Frantz specializes in healthcare and finance security and will demonstrate the process used by hackers at the show floor at HIMSS15.
“We will be there showing off some hardware. To try and make things more ‘real’ for people I'm setting up our GPU cluster that we use for cracking wpa2 passwords,” Frantz told Healthcare IT News. “Where a high-powered laptop can attempt 3,000 or 4,000 tries per second, by using an array of graphics cards we can get close to a million tries per second.”
That’s GPU as in graphics processing unit cards, common hacker tools because they house more complex mathematical instructions embedded in the hardware, Frantz says, and are thus considerably faster than central processing units while also being less expensive. For those reasons, GPUs are particularly attractive to cybercriminals building gigantic GPU farms in places where power is cheaper, notably, China to crack passwords and mine Bitcoin.
While the GPU cluster Frantz plans to showcase will visualize the realities of information security for healthcare professionals, it’s only one aspect of Virtue Security’s business. The firm also offers network penetration testing and Web application security – both of which it will be demonstrating at the conference.
Web application security testing is just starting to pick up steam among healthcare entities and Frantz expects that will continue as the sector becomes more of a target because even small vulnerabilities can prove severe in unexpected ways.
One thing high profile hacks like those at Anthem and Sony have in common is that they almost always “start with one machine,” Frantz explained. “They start with one breach and then keep going until the next thing you know they’ve reached your most critical juncture.”
That gets particularly thorny in healthcare because of strong HIPAA regulations and heavy fine, as well as the fact that apps with ultra-sensitive data tend to me more interconnected than just about any other industry, Frantz added, as they interact with varying other apps, devices and vendors.
With all that in mind, are there likely to be any criminal hackers prowling around HIMSS in search of prospective targets?
“I can’t predict the future or tell you if it will rain during HIMSS,” Frantz said. “But people should always suspect somebody out there is up to no good.”
Virtue’s demonstration will be at Booth 8422 in the North Hall.
