Amphia Hospital x Red Teaming
Hospitals are becoming more modern and more efficient. This, of course, has great benefits for the quantity and quality of patient care. However, this modernization also brings along more digital risks, raising questions such as: How do you ensure that patients and data are safe? What risks do we face and what can we do about them?
About Amphia Hospital
Amphia is the top clinical hospital in Breda. Amphia revolves around people and their health. About 5000 employees provide the best care for each unique patient on a daily basis.
Amphia is one of the largest STZ-hospitals in the Netherlands and is dedicated to patient-centered scientific research, top clinical care and education. All this takes place in the new, modern hospital, which is fully equipped for the future.
"At Amphia we have always had a proactive and preventive stance on the subject of information security, but this time, we wanted to have an external party determine how secure we really are."
- Timo Schipperen, CISO Amphia
Amphia x Red Teaming
A Complete Overview
Why did you choose Red Teaming?
We chose Red Teaming because we wanted the complete overview of the techniques used by cybercriminals to attack organizations or institutions.
What components were tested, among others?
Some examples of the tests performed by Secura are: how do our people react to phishing emails; what do they do with macros that are offered in emails; if they respond to phishing messages, do they give out their account and password? All of this could potentially lead to a cyberattack, which was also tested to see whether there were any vulnerabilities.
What we also had tested by Secura is whether our employees are aware of their role in all of this. We had a so-called mystery guest walking around and trying everything out.
How is the collaboration with Secura?
For us, the collaboration with Secura was very professional. They always coordinate and check in with the customer. The investigation by Secura has helped our management and employees become aware of what could potentially happen and what the consequences could be.
Collaboration with the Healthcare Sector
Willem Westerhof, Security Specialist at Secura: "With many projects in healthcare, we notice that quite a lot of findings come out of these tests. There are truly a lot of vulnerable systems out there. We notice that in healthcare there are also a number of structural problems: cybersecurity is not always at the top of the priority list, while a lot of harm can come from it in the end and create situations that can really impact the operational process of a hospital to save lives, for example:
- Leaking or modifying patient records
- Influencing air conditioning
- Taking over operating rooms
- Heart monitors that can be hacked
We do see real dangers there and are very much looking forward to working with the healthcare sector to address these issues."
Testing Information Security in Practice
Red Teaming has its origins in the military arena where full-spectrum cyber attacks are simulated. During the investigation, insight is provided into the various steps that collectively make up the final attack. This allows you to measure the effectiveness of your cyber defenses against malicious actors and allows your defenders to practice and validate or refine their detection and response capabilities in a controlled environment.
"With Red Teaming we try to simulate a real attack. Customers give us nothing, we collect it all ourselves and then we try to get in, penetrate and take the crown jewels without anyone noticing that we are there."
- Willem Westerhof, Senior Security Specialist & Team Lead Secura
Components of a Red Teaming investigation include:
- Open Source Intelligence (OSINT) - Using public sources to gather information that can be used in the investigation
- Phishing - Attempting to obtain account names and passwords by means of a phishing campaign
- Social Engineering - A mystery guest who tries to enter places where this person is not allowed to be
- Hack - Using technical attacks to gain enough permissions in the environment to get hold of an organization's crown jewels, without being stopped in the process by the organization's system administrators
Secura is your independent cybersecurity expert. Secura provides insight into the security of valuable data and systems. We make cybersecurity tangible and measurable within the fields of IT, OT and IoT. With our security consulting, testing, training and certification services, we approach cybersecurity holistically. We do this in all areas: people, processes and technologies.