Researchers confirm hackers could tinker with medical images

Research indicates that hackers can use deep learning technology to add or remove evidence of medical conditions from existing medical scans.

Researchers at Ben-Gurion University and Soraka University Medical Center in Israel have demonstrated that they are able to remove a lung cancer image from a CT scan. They intercepted and manipulated CT scans in an active hospital network with a covert penetration test.

“An attacker may perform this act in order to stop a political candidate, sabotage research, commit insurance fraud, perform an act of terrorism or even commit murder,” the researchers warn.

Although the body is complex and 3D medical scans are very large, the researchers contend that they were able to manipulate scans easily.

“To evaluate the attack, we focused on injecting and removing lung cancer from CT scans,” they added. “We show how three expert radiologists and state-of-the-art deep learning AI are highly susceptible to the attack.”

Ben-Gurion University-CROP.jpg

They contend that a skilled attacker could do the same. For example, an attacker could add or remove evidence of aneurysms, heart disease, blood clots, infections and multiple other ailments.

This vulnerability is not an anomaly. Recently, a researcher at McAfee demonstrated how web portals can be exploited to view and modify a patient’s 3D DICOM imagery. “PACs, which are not directly connected to the Internet, are indirectly connected via the facility’s internal network,” the Israeli researchers explain. “They are also vulnerable to social engineering attacks, physical access and insiders. Therefore, a motivated attacker will likely be able to access a target PACS and the medical imagery within it.”

The ramifications of doctored scans are enormous to patients, families, clinicians and the overall integrity of the nation’s healthcare system.

Also See: Bitglass blames hacking, IT incidents as main reasons for breaches

But hackers in other arenas can do the same types of manipulation, the researchers note. An individual or state adversary could affect the outcome of an election by adding cancer to a CT scan performed on a political candidate, who then may step aside the fight the contrived disease.

Altering scans also could become a new type of ransomware against the healthcare industry. The attack alters a few scans and then demands payment to reveal which scans were altered. Significantly, this type of ransomware also can be used against a provider organization’s MRI images.

“To the best of our knowledge, it has not been shown how an attacker can maliciously alter the content of a 3D medical image in a realistic and automated way,” researchers note. “Therefore, this is the first comprehensive research that exposes, demonstrates and verifies the threat of an attacker manipulating 3D medical imagery.”

The full report is available here.

For reprint and licensing requests for this article, click here.