Having a dozen mental health facilities located throughout California, the Kings View corporate compliance team required clarity as to the security vulnerabilities on their wireless networks. ‘Could our medical devices be hacked?’ ‘Is our patient data vulnerable?’ ‘Is our security sufficient to detect and stop attempted breaches?’ The selected security partner not only had to provide clarity on these vulnerabilities, but ensure that recommendations furthered the organizations HIPAA compliance goals.
When approaching the Kings View engagement, Breadcrumb engineers understood firsthand that wireless, just isn’t wireless. Deficiencies within the wireless protocol, and the decentralization of wireless management, make organizational wireless networks very susceptible to unauthorized access. Leveraging their expertise within the medical community, Breadcrumb performed LIVE, onsite testing at each of the twelve locations. Real-world assessment strategies included access point impersonation, discovery and exploitation of hidden networks, interception of wireless data and the review of encryption protocols. Customer wireless devices (medical devices, iPad's, laptops, etc.) were also targeted during the assessment, evaluating their relative strength and resistance to a sustained attack. Lastly, complex mathematical scenarios were used to challenge the strength of encrypted wireless passwords, producing over 200 billion attempts in the Breadcrumb lab.
Having thoroughly evaluated discovered wireless networks, Breadcrumb engineers were able to deliver a comprehensive and detailed analysis of the organizations wireless security posture. Referencing a series of industry standards, and established best practices within medical environments, Breadcrumb produced actionable reporting, with prioritized recommendations. Kings View Director of Operations, Gretta Peterson noted, 'We were very pleased with the results of Breadcrumb’s engagement and found their recommendations invaluable.'
Access Point Impersonation
Wireless Vulnerability Assessment
Breadcrumb helps protect the infrastructure, critical data, and reputation of organizations from hackers seeking to do them harm. Based in California, Breadcrumb offers comprehensive cybersecurity services for organizations throughout the U.S. Our services include regulatory compliance, risk assessments, digital forensics, penetration testing, incident response, technical/staff training, 24/7 security operations, and on-going advisory services.