Attackers can change imaging results, fool radiologists

As if healthcare providers didn’t already have enough cybersecurity threats to worry about, researchers have now found that malware can create fake findings in imaging results and deceive radiologists.

Researchers from Israel’s Ben Gurion University Cyber Security Research Center, who published findings on this topic back in January, spoke with the Washington Post about this topic. Yisroel Mirsky, PhD, told the publication that hospitals are “very, very careful about privacy” when it comes to sharing information or communicating with other hospitals, but “tend to be pretty lenient” when it comes to what happens inside the facility itself.

“It’s not ... that they don’t care,” Mirsky told the Post. “It’s just that their priorities are set elsewhere.”

The team’s research found that three experienced radiologists were fooled into diagnosing cancer by fake findings 99 percent of the time. The radiologists also said patients were healthy after real findings were removed by the same malware 94 percent of the time.

Once the malware was installed on a hospital’s PACS network, it was designed to aggressively find and alter scans on its own, with no further direction from a user. The malware can be connected remotely by using the internet, the researchers noted, which is possible at many hospitals since PACS networks are often directly connected to the internet.

End-to-end PACS encryption is the best way to safeguard against such an attack, Mirsky told the Post. However, as an FDA representative said in the same article, many hospitals can’t afford such technology or their infrastructure is simply to out of date to support it.

To read the full story, click the link below: