Learn how to detect and prevent the hacking of medical equipment at hospitals and healthcare facilities. A cyber-physical attack on building equipment pales in comparison to the damage a determined hacker can do if he/she gains access to a medical-grade network as a medical-grade network controls the diagnostic, treatment, and life support equipment on which lives depend. News reports inform us how hackers strike hospitals with ransomware that prevents staff from accessing patient records or scheduling appointments. Unfortunately, medical equipment also can be hacked and shut down remotely as a form of extortion. Criminal hackers will not ask for a $500 payment to unlock an MRI, PET or CT scan, or X-ray machine-they will ask for much more. Litigation is bound to follow and the resulting punitive awards will drive up hospital insurance costs and healthcare costs in general. This will undoubtedly result in increased regulations for hospitals and higher costs for compliance. Unless hospitals and other healthcare facilities take the steps necessary to secure their medical-grade networks, they will be targeted for cyber-physical attack, possibly with life-threatening consequences. Cybersecurity for Hospitals and Healthcare Facilities is a wake-up call explaining what hackers can do, why hackers would target a hospital, the way hackers research a target, ways hackers can gain access to a medical-grade network (cyber-attack vectors), and ways hackers hope to monetize their cyber-attack. By understanding and detecting the threats, you can take action now-before your hospital becomes the next victim. What You Will Learn: Determine how vulnerable hospital and healthcare building equipment is to cyber-physical attack Identify possible ways hackers can hack hospital and healthcare facility equipment Recognize the cyber-attack vectors-or paths by which a hacker or cracker can gain access to a computer, a medical-grade network server, or expensive medical equipment in order to deliver a payload or malicious outcome Detect and prevent man-in-the-middle or denial-of-service cyber-attacks Find and prevent hacking of the hospital database and hospital web application Who This Book Is For: Hospital administrators, healthcare professionals, hospital & healthcare facility engineers and building managers, hospital & healthcare facility IT professionals, and HIPAA professionals

Learn the threats and vulnerabilities of critical infrastructure to cybersecurity attack. Definitions are provided for cybersecurity technical terminology and hacker jargon related to automated control systems common to buildings, utilities, and industry. Buildings today are automated because the systems are complicated and so we depend on the building controls system (BCS) to operate the equipment. We also depend on a computerized maintenance management system (CMMS) to keep a record of what was repaired and to schedule required maintenance. SCADA, BCS, and CMMS all can be hacked. The Cybersecurity Lexicon puts cyber jargon related to building controls all in one place. The book is a handy desk reference for professionals interested in preventing cyber-physical attacks against their facilities in the real world. Discussion of attacks on automated control systems is clouded by a lack of standard definitions and a general misunderstanding about how bad actors can actually employ cyber technology as a weapon in the real world. This book covers: Concepts related to cyber-physical attacks and building hacks are listed alphabetically with text easily searchable by key phrase Definitions are providesd for technical terms related to equipment controls common to industry, utilities, and buildings-much of the terminology also applies to cybersecurity in general What You'll learn Get a simple explanation of cybersecurity attack concepts Quickly assess the threat of the most common types of cybersecurity attacks to your facilities in real time Find the definition of facilities, engineering, and cybersecurity acronyms Who This Book Is For Architects, engineers, building managers, students, researchers, and consultants interested in cybersecurity attacks against facilities in the real world. Also for IT professionals getting involved in cybersecurity responsibilities.

This book provides a template with step-by-step instructions on how to respond and recover when hackers get into your SCADA system and cause building equipment to act erratically or fail completely. When hackers shut off the water, turn off the building power, disable the sewage effluent pumps and activate the fire alarm, you have to do something quick. It is even more alarming that hackers can do all those things at the same time-even from the other side of the planet. Not every equipment failure or power outage is a cyber-physical attack. When your building is attacked, you probably won't suspect it was a hacker-until you see a pattern. The building control system (BCS) will act "squirrelly" and you will know-it really is a cyber-physical attack. Once a cyber-physical attack occurs, it can mean years of court cases, job losses, higher insurance rates, and maybe even criminal litigation. It also takes years to overcome the loss of safety credibility to your employees and the local community. Cyber-Physical Attack Recovery Procedures provides a detailed guide to taking the right steps ahead of time, and equipping your facility and employees with the training, knowledge, and tools they need and may save lives. The book contains: A one-of-a-kind action plan describing how hackers attack building equipment, the extent of damage possible, and how to respond when a cyber-physical attack occurs. Detailed descriptions of cyber-physical attacks directed against SCADA systems or building controls, as well as cyber booby traps Invaluable appendices, including: Emergency Procedures, Team Staffing and Tasking, Alternate Site Procedures, a Documentation List, Software and Hardware Inventories, Vendor Contact Lists, External Support Agreements, and much more. What you'll learn Possible ways hackers can cause building equipment to fail. How to quickly assess the threat to his facilities in real time, how to stop a cyber-physical attack. How to restore equipment operation without doing any more damage. Who This Book Is For Architects, Engineers, Building Managers, Students, Researchers and Consultants interested in cybersecurity-attacks against facilities in the real world. Also for IT professionals getting involved in cybersecurity responsibilities.