@Finris
I think that's a great avenue. Embedded device security is absolutely horrible, and we have incidents such as the Mirai Botnet (which took out the East Coast internet of the United States) to demonstrate that fact. How I was envisioning interaction is that our group of hackers end up creating an online group where they interact with each other, and they each end up creating various cyber crime incidents for the security professionals (who also know each other) to try to resolve. For example:
Hackers get together and as a team, figure out that a new Pacemaker is vulnerable. They decide that it would be funny if they wrote malware to infect all of them, which sends data back to the hospital saying that their heart has stopped while not actually interfering with the function of the device (since they're not monsters). They just want to get the public's eye to convince them to fix their medical device security. The team of security professionals begins looking into this incident, reverse engineering the malware, etc. They check it out, but it's not top priority until one of the hackers, unbeknownst to the others, begins actually stopping peoples' hearts.
Does that help, or can I do more clarifying?
I think that's a great avenue. Embedded device security is absolutely horrible, and we have incidents such as the Mirai Botnet (which took out the East Coast internet of the United States) to demonstrate that fact. How I was envisioning interaction is that our group of hackers end up creating an online group where they interact with each other, and they each end up creating various cyber crime incidents for the security professionals (who also know each other) to try to resolve. For example:
Hackers get together and as a team, figure out that a new Pacemaker is vulnerable. They decide that it would be funny if they wrote malware to infect all of them, which sends data back to the hospital saying that their heart has stopped while not actually interfering with the function of the device (since they're not monsters). They just want to get the public's eye to convince them to fix their medical device security. The team of security professionals begins looking into this incident, reverse engineering the malware, etc. They check it out, but it's not top priority until one of the hackers, unbeknownst to the others, begins actually stopping peoples' hearts.
Does that help, or can I do more clarifying?