Malware attacks from within hospital, exposes need to encrypt medical imaging

Israeli cybersecurity experts created malware that can alter CT scans to indicate a healthy patient has cancer and a sick patient is healthy, according to The Washington Post.

Researcher at the University Cyber Security Research Center said they created the malware to highlight the vulnerabilities in critical medical imaging equipment and the networks that transmit those images to cyberattacks.

One of the researchers, Yisroel Mirsky, told the Post that hospitals are vulnerable to the attacks because they tend to be more concerned about protecting data shared between hospitals and with other doctors, ignoring "what happens within the hospital system itself."

To prevent malware from altering CT and MRI scans, hospitals need to install end-to-end encryption across its picture archiving and communication system network. Hospitals also must digitally sign all images, according to the Post.

Studies have proven malware-attacked CT scans are an immediate threat. In one blind study that involved real CT lung scans, 70 of them were altered by malware. Three skilled radiologists were tricked into misdiagnoses nearly every time, the Post reported.

After radiologists were told scans were fabricated by malware and given a second set of scans, they were still tricked 60 percent of the time. In scans that removed cancerous nodules, radiologists failed to diagnose actual sick patients 87 percent of the time.

Although these studies focused on lung cancer scans, the malware can attack CT scans for brain tumors, heart disease, blood clots, spinal injuries, bone fractures, ligament injuries and arthritis.

 

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars