Skip to content
New Report: Get your copy of The 2024 State of the Internet Report! | Download Today
Blogs

CARISMATICA Cybersecurity Hackathon: Using Censys to Identify Vulnerable Medical Services

Well, hello there! We are Prof. Dr. Pere Tuset-Peiró from TecnoCampus Mataró (Spain), and Prof. Dr. Michael Pilgermann from the Brandenburg University of Applied Sciences (Germany), and today we are writing this invited post on the Censys Blog to share with you our experience organizing a hackathon focused on cybersecurity in the medical domain and how Censys was helpful in our endeavors.

Strengthening Medical Cybersecurity at the CARISMATICA Cybersecurity Hackathon

This year’s hackathon event, held from December 2-5, 2024, was an integral part of CARISMATICA (https://carismatica.upc.edu/), a research project led by UPC (Universitat Politènica de Catalunya) and funded by INCIBE (Instituto Nacional de Ciberseguridad, the Spanish institute for cybersecurity) as part of the Next Generation European Union funds.

CARISMATICA is a cybersecurity research project aimed at enhancing the resilience of medical services against emerging threats. By combining expertise from various institutions, including TecnoCampus Mataró and the Brandenburg University of Applied Sciences, we strive to create innovative solutions that protect patient data and ensure the continuity of critical healthcare services.

Our hackathon, co-organized between TecnoCampus Mataró and the Brandenburg University of Applied Sciences, brought together 18 individuals from diverse backgrounds. Participants hailed from various countries, universities, and technical disciplines (i.e., Computer Science and Electrical Engineering), spanning both Bachelor’s and Master’s levels. This rich blend of perspectives fostered a vibrant learning environment that stimulated collaboration and knowledge sharing.

Guest Blog Image 1 Guest Blog Image 2

The Challenge: Finding Vulnerable PACS Servers 

The primary objective of the hackathon was to identify vulnerable medical services, specifically Picture Archiving and Communication System (PACS) servers exposed to the Internet. PACS servers play a crucial role in managing and distributing medical images, making them attractive targets for cybercriminals to gather patient information. Hence, our goal was to locate these vulnerable services, determine their responsible organizations, and report our findings to the appropriate individuals – all while employing Open Source Intelligence (OSINT) tools and adhering to a strict no-active-hacking policy.

Leveraging Censys Search to Query Potential Targets 

To expedite our search for vulnerable PACS servers, we harnessed the power of the Censys Search tool. Participants developed Python code that interfaced with the Censys API, enabling them to query potential targets efficiently. Once a target was identified, teams created a pipeline to gather evidence confirming its status as a vulnerable PACS server and determine its approximate location, responsible organization, and point of contact.

After perfecting their pipelines in a controlled environment, participants turned their attention to real-world targets across multiple countries. Teams focused on Spain, Germany, India, and other regions, discovering several vulnerable services along the way. Thanks to their diligent work, we successfully located responsible organizations and contacted IT leads, facilitating swift remediation of these potential threads.

Guest Blog Image 3 Guest Blog Image 4

Looking Ahead: Expanding Global Cybersecurity Efforts 

As we move forward, our sights are set on expanding this global endeavor, identifying more vulnerable services worldwide, and working towards ensuring their security on the Internet. Together, we can strengthen the resilience of medical cyberinfrastructure and safeguard the vital care that millions depend upon every day.

Finally, we want to thank Censys for tooling access provided by the research access program. Having such a resource at our disposal significantly accelerated our search and analysis process, making it an invaluable asset in our mission to secure vulnerable medical services worldwide.

About the Author

Pere & Michael
Dr. Pere Tuset-Peiró & Dr. Michael Pilgermann
CARISMATICA
Dr. Pere Tuset-Peiró : Dr. Pere Tuset-Peiró received the BSc and MSc in Telecommunications Engineering from Universitat Politècnica de Catalunya in 2007 and 2011, and the PhD in Network and Information Technologies from Universitat Oberta de Catalunya in 2015. Currently, he is Associate Professor at TecnoCampus Mataró, a school of Universitat Pompeu Fabra, where he teaches various courses related to in computer systems and networks, including cybersecurity.

Dr. Michael Pilgermann: Dr. Michael Pilgermann has gained about 20 years of professional IT security experience in business and administration. Since 2021, he has been a Professor at the Brandenburg University of Applied Sciences, specializing in IT security. He researches on detection of cyber attacks when operating critical infrastructures.

Similar Content

Back to Resources Hub
Attack Surface Management Solutions
Learn more