Penetration Testing: Medical
A medical facility used the technical resources of their nationally recognized Electronic Medical Records (EMR) provider to set up and maintain their network, servers, and workstations. While the medical facility believed that everything was secure, they wanted to be sure. To ensure the security of the sensitive data patients entrusted to the medical facility, they hired High Bit Security to perform a penetration test.
For this engagement, High Bit Security performed both an external and an internal penetration test. To the surprise of the medical facility, High Bit Security produced a nearly 150-page security report.
During external testing, High Bit Security discovered several configuration problems exposing useful information and found a serious security flaw that, when combined with the information disclosure, allowed an attacker to pivot and gain access to the internal network.
During internal testing, High Bit Security identified the following security vulnerabilities:
- LDAP vulnerabilities that allowed harvesting of all user accounts.
- Misconfiguration of workstations and servers that, together with the LDAP misconfiguration, allowed administrator control over almost every workstation and server in the environment.
- Outdated software that allowed High Bit Security to pull and decrypt the passwords for every Active Directory account in the system, a vulnerability that would have allowed us to create administrator accounts on the target systems, had we not already gained access through other means.
- Misconfiguration of an all-in-one printer allowing us to gain access to the sensitive information being printed and copied.
- Weak firewall configuration that allowed us to remotely connect to internal machines and transfer any data from the internal network to the outside.
- Weak anti-malware systems and lack of defense in depth, which together could allow covert installation of malicious software and backdoors.
The medical facility was extremely pleased they engaged High Bit Security. The new IT support company, which replaced the nationally recognized EMR company, reviewed the report results with High Bit Security, and made the changes to the medical facility systems in order to close out all security flaws identified. The new IT support company easily saved over a hundred hours of research and investigation as a result of the details and guidance contained in the High Bit Security reports, allowing them to implement the corrections quickly and efficiently.
The engagement was summed up best by one of the medical facility's founders: "Certainly the money I spent on testing by High Bit Security was well worth it."