
[Image courtesy of Blogtrepreneur on Flickr, per Creative Commons 2.0 license]
The deception-based threat detection in the BOTsink features decoys and lures that misdirect potential attackers from production assets. Through the collaboration, BOTsink decoys will provide software on certain BD products that will create mirror-match decoy authenticity. This will create an illusion where a potential attacker will not be able to tell what is real and fake. It will also show what an attacker is doing as they scan systems or try to download malware onto medical devices.
“We welcome Attivo Networks to the BD Product Security Partnership Program as an important collaborator in our collective quest to improve cybersecurity across the healthcare industry,” Rob Suarez, director of product security at BD, said. “The Attivo BOTsink solution was rigorously tested and validated by BD to tailor their protection technologies to work with our medical technologies, rather than being introduced as an afterthought.”
Recent cybersecurity attacks, like the WannaCry attack in May of last year that affected the National health Service in England and Scotland, have put cybersecurity into focus for medical devices. Additionally, software issues have been one of the leading causes of medical device recalls in the past year.
Attivo BOTsink deception servers will be added to BD Alaris infusion systems. It will also provide an attack analysis with indicators of compromise and attacker tools, techniques and processes with actionable forensics for remediation and threat hunting. The disability tools that are being added will also offer attack path vulnerability assessments and time lapsed replays.
“IoT medical device security is one of today’s greatest challenges for the healthcare industry. IoT devices inherently have additional security risk based on their operating systems and connections to WiFi networks, and the internet,” Marc Feghali, VP of product management at Attivo Networks, said. “BD is proactively leading the field by working with Attivo to add a reliable mechanism for early threat detection. By combining their software with Attivo dynamic deception, we have created a fantastic tripwire to alert on potential nefarious behavior.”