Secureworks researchers recently took first place at Defcon’s Biohacking Village Capture The Flag competition, under the direction of Dragos Ionica. Their team discovered serious medical device vulnerabilities.
Join attendees, featured inventors, world-class makers, cybersecurity researchers, self-made entrepreneurs & workshop experts as they work together in an environment where biology meets bits.
Uncover the Unknown
Defcon Biohacking Village is a place where technology and biology collide. Here, hackers, cybersecurity specialists, biologists, and biologist come together to test their abilities in hacking DNA or discovering vulnerabilities in medical devices.
Defcon is one of the world’s premier hacker conventions, and this year’s biohacking village will be an emphasis. Comprised of four villages and an immersive challenge, Defcon provides a platform for talks, workshops, demonstrations and hands-on demonstrations related to biohacking. Furthermore, Capture-the-Flag (CTF) competition focusing on medical device security will take place; participants can earn bonus points by discovering vulnerabilities.
Defcon’s Biohacking Village will offer medical device manufacturers and security researchers a forum to share and discuss the latest research into healthcare IT security, with demos of cutting-edge biotech, mHealth, and security technologies on display.
Though research can be fascinating, medical devices still remain vulnerable to being compromised. Although researchers have made strides toward increasing security for these devices, older implants cannot be easily replaced; leaving these patients at risk of having their data stolen or their implants altered.
Biohacking Village attendees include security researchers, hackers, biologists and others with an interest in exploring the intersection of science, health and technology. While they come from all different backgrounds and perspectives to the convention, all share an enthusiasm for exploring life-altering technologies that could save lives.
Therefore, their talks are both thought-provoking and entertaining, providing a platform for those wanting to take the next step on their hacker journey. A BHV speaker may talk about garage science experiments or ways in which technology has enabled them to overthrow bureaucracy – providing inspiration for others to carry out their own ideas with technology.
Collaborate and Create
At Defcon’s Biohacking Village, you can put your hacking skills through their paces in an exhilarating new arena. From DNA hacking to uncovering medical device vulnerabilities, be a part of this exciting revolution as biology meets technology!
The Biohacking Village supports cybersecurity research, DIY biomedical technology and Citizen Science communities that contribute to healthier tech and people. Medical device makers also benefit from collaborations with independent security researchers that allow them to coordinate vulnerability discoveries with product development lifecycle processes to reduce risks – an opportunity they should not miss! This unique resource must not go unused.
Medical devices are among the most complex pieces of technology to hack. Their delicate nature makes them attractive targets for security researchers. This year, representatives from several large medical device manufacturers took part in the Village; this is an encouraging sign as it shows their willingness to prioritize security and take measures to protect their products from cyber security risks.
At Defcon’s various villages, talks, workshops, and discussions cover an array of topics. For example, Biohacking Village focuses on hacking medical devices and healthcare while Voting Machine Hacking Village tackles protecting voting machines and networks; finally ICS (Industrial Control Systems) Village equips industry and policymakers to better secure industrial equipment through awareness training education and policy initiatives.
At Defcon, you’ll gain insight from some of the best hackers around through talks, presentations and demonstrations from top hacker experts. Popular sessions at this year’s convention include Wall of Sheep demonstrating how easy it is to hack mobile devices; Capture the Flag cyber defense competition has also become an annual tradition at this conference for decades now;
No matter which side of the debate you fall on, Defcon offers something for everyone. Aside from talks and presentations by industry professionals, numerous workshops and trainings provide attendees with opportunities to expand their skillset – these include topics such as forensic analysis, countermeasures against cyber attacks, etc.
Ethical Hacking for the Greater Good
Medtronic has long been an active participant of DEFCON’s annual Biohacking Village, where medical devices are put through their paces in front of some of the world’s top hackers and pentesters. Participants at this year’s challenge aimed to identify vulnerabilities in medical devices which would otherwise be difficult to uncover – including security risks in telemedicine devices that connect patients to doctors.
Ethical hacking can be a controversial issue; its value depends on its motivations for its practitioners. Some ethical hackers may simply enjoy poking around systems for fun; this curiosity could be put to good use by reporting any flaws they find responsibly. Other ethical hackers could be driven by an urge to make the world safer by closing gaps in cybersecurity that malicious actors might exploit.
No matter their motivations, white hat hackers are highly skilled and indispensable contributors to cybersecurity communities. Large companies as well as government intelligence services enlist these hackers’ services to protect critical infrastructure sectors; performing supervised attacks that expose holes in an organization’s cybersecurity, potentially saving it from devastating hacks.
Mark Litchfield is one of many ethical hackers renowned for discovering major bugs in websites and applications which earned him millions in rewards – earning his respect as well as lucrative salaries in the process.
As healthcare and cybersecurity merge, it is vital that we harness hackers’ skills for good. Doing so can ensure patient safety and safeguard vulnerable populations; in addition to uncovering medical device security flaws within these “villages”, hackers may help identify new methods of data encryption as well as help us prepare for emerging technologies like CRISPR gene editing.
Innovative Talks & Panels
The Biohacking Village strives to innovate, evolve and revitalize healthcare innovation in an action-oriented environment. Drawing together voices who see “code” as genetic material; “subroutines” as organic processes; and “programs” as life itself, its diverse community engages in action-oriented reinvention via hands-on playback.
This year’s Biohacking Village features an exciting and interactive range of educational and experiential experiences designed for participants of all skill levels. These range from an immersive Capture the Flag contest in a hospital environment to table top exercises held within ICS Village; offering plenty of opportunity for exploration and education for everyone present.
Biohacking Village: Device Lab’s Capture the Flag challenge offers participants of all skill levels the chance to hack real medical devices and protocols such as DICOM, HL7, and FHIR environments – challenging even the best hackers or medical sleuths – in an intense race against time to protect patient lives and public safety.
The Industrial Control System Village offers attendees of all skill levels an immersive experience to test the security of real industrial equipment like PLCs, HMIs and Remote Telemetry Units. Through interactive tabletop exercises they are able to connect their laptops and use common tools for security assessments on these critical systems; learning exploitation techniques, threat modeling techniques and potential real world ramifications of vulnerabilities within these critical industries.
At the IoT (Internet of Things) Village, attendees can test their skills against commercial IoT devices that contain many known vulnerabilities. It provides the ideal setting to experiment with various exploiting, evasion, persistence and obfuscation techniques while competing against fellow defenders.
The AppSec (Application Security) Village hosts talks from various experts on the latest in software security. Here you’ll be able to practice your craft and meet like-minded individuals; whether red or blue teamers alike can attend. There will also be plenty of challenges, from deserialization attacks to full application layer bypass attempts; in addition to numerous social engineering and physical security talks that showcase magic tricks, sleight-of-hand, and con games!
