Talk to an expert
Talk to an expert

Healthcare & MedTech

Hospitals, medical devices, IoMT, software

The most targeted sector. Lives at stake in every attack.

293 ransomware attacks on hospitals in 9 months of 2025. 53% of connected medical devices have at least one unpatched critical vulnerability. Change Healthcare: 192.7 million US records exposed, the US healthcare system paralyzed for weeks.

1
Ransomware attacks on hospitals, first 9 months of 2025
1 %
Of connected medical devices with an unpatched critical vulnerability (FBI)
1 M
Medical records exposed, Change Healthcare (largest healthcare breach on record)
1 M
French citizens exposed, Viamedis & Almerys 2024

THE PERFECT TARGET—VITAL CRITICALITY, PRECIOUS DATA, STRUCTURAL DELAY

293 hospitals attacked — documented increase in mortality
Studies document increases in mortality during attacks: ambulance diversions, postponed surgeries. Average recovery cost: $1.02M excluding ransom (Sophos 2025). Groups are shifting toward IT providers to maximize simultaneous impact.
53% of medical devices with an unpatched critical vulnerability
Infusion pumps, pacemakers and MRI machines run on obsolete systems (Windows CE, unpatched Linux) for 15-20 years. Researchers have demonstrated the remote reprogramming of pacemakers and insulin pumps — on systems on which lives directly depend.
Change Healthcare: one subcontractor, 192 million patients
A Citrix access with no MFA at a claims-management subcontractor paralyzed almost the entire US healthcare system. In France, Viamedis and Almerys exposed 33 million records in 2024.
MDR & FDA 524B: device cybersecurity before certification
EU MDR 2017/745 and FDA Section 524B mandate a cybersecurity assessment for connected medical devices before certification. IEC 62304, ISO 14971 — security tests documented in the certification dossiers.

OUR SERVICES

QREDTEAM

ADVERSARY SIMULATION

  • Hospital Red Team — APT simulation targeting HIS/EHR systems and infrastructure
  • Pentest of DICOM imaging systems and exposed FHIR APIs
  • Supply-chain attack simulation via healthcare IT providers (EHR, LIMS, claims clearing)
  • Pentest of medical mobile apps and patient portals
  • Pharma Red Team — APT espionage simulation on R&D data and clinical trials.
Discover QRedTeam

QLAB

DEEP SECURITY RESEARCH

  • Reverse engineering of IoMT medical-device firmware (pumps, monitors, scanners)
  • Security audit of connected devices (DICOM, HL7, FHIR) for MDR/FDA compliance
  • 0-day research on critical medical equipment (pacemakers, insulin pumps)
  • Audit of medical software (EHR, LIMS) — binary analysis for IEC 62304
  • SBOM evaluation of medical devices for FDA 524B and MDR compliance.
Discover QLab

QSHIELD

SOFTWARE PROTECTION

  • Protection of medical-device code against reverse engineering and counterfeiting
  • IP protection of medical-AI algorithms (image diagnosis, decision support)
  • Anti-cloning for device makers exporting to risky markets
  • Obfuscation of certified medical-software code against adversary analysis
  • Protection of clinical-management applications against patient-data extraction.
Discover QShield

QUARKSLAB DIFFERENTIATOR

Health-data-hosting (HDS) auditors verify policies — not the medical devices themselves. Quarkslab reverse-engineers the firmware of your IoMT devices, actually tests FHIR APIs, and produces deliverables integrable into your MDR/FDA 524B dossiers. QShield protects the code of your medical-AI algorithms — IP actively targeted by competitors and states.

WHAT WOULD WE SAY TO EACH OTHER, FACE TO FACE

Have your connected medical devices been tested by someone genuinely trying to compromise them?

53% of connected medical devices have at least one unpatched critical vulnerability. These devices run on obsolete systems for 15-20 years and cannot be patched without recertification. MDR and FDA 524B require you to demonstrate their security — not merely to have declared it.

RE without sources — IEC 62304 built in
We reverse-engineer your IoMT firmware like a hostile researcher. MDR and FDA 524B require this depth.
Certifiable deliverables — IEC 62304, ISO 14971
Our reports are structured for your MDR/FDA 524B dossiers. You get a certifiable deliverable, not an adapted pentest.
Change Healthcare should never have happened
We audit your critical IT providers with the same level of rigor as your own systems.
Your algorithms, protected
QShield protects the code of your diagnostic algorithms — IP that represents years of clinical validation.
Our publications & CVEs
Assess your healthcare systems and devices