Radiology hacking experts offer 3 steps for physicians to cybersecure their practices

Radiology, like the rest of medicine, is susceptible to cyberattacks. One recent study estimated that more than 1 billion medical images are exposed online via vulnerabilities in picture archiving and communication systems across the globe. But how prepared is the average radiologist to prevent such attacks in this new era of digital warfare?

The American Journal of Roentgenology recently convened a blue-ribbon panel of experts to chew over this predicament. Those involved included a radiologist hacker, prominent cybersecurity researchers from three countries outside the U.S., and a top authority on the DICOM (digital imaging and communications in medicine) file format.

They outline three steps radiologists can take to cyber-safeguard practices in their “call to action” for the field, set to be published in the April edition of AJR.

“To mitigate these vulnerabilities, all major players must do their part, from DICOM security leaders at the core of the DICOM world to radiologists as endpoint users and readers,” wrote Benoit Desjardins, MD and PhD, a radiologist and security expert with Penn Medicine, and colleagues. “Cyberattacks will pervade life in years to come, even more than they currently do. They have the power to quickly bring down entire hospitals, multinational corporations, cities and even possibly countries,” they added later.

To prepare for such security threats, radiologists should remember the acronym CIA—representing confidentiality, integrity and authenticity. Here’s how this triad applies to imaging professionals:

1) First it is important to maintain confidentiality, Desjardins et al. noted. “Any medical image on a laptop or CD should be encrypted or anonymized. One should never remotely view or transmit medical images on a public Wi-Fi network without the use of a virtual private network, which encrypts all communications.”

2) Second, radiologists must verify the integrity of their data. “As healthcare moves into a new era of increasing information vulnerability, radiologists should understand that they may be using data that has been altered,” the panel wrote, later adding: “If tampering of DICOM image attributes is suspected, use any prior imaging and the medical history to determine whether the images belong to that patient and whether the imaging findings make sense.”

3) Finally, clinicians need check the authenticity of information. “Are the imaging data coming from a trusted source? Loading a CD from an unfamiliar source to read images on a local computer for a curbside consult is risky because the CD could have been tampered with, enabling it to auto-execute malware. Film libraries have computers that can safely extract DICOM images from CDs and load them into a PACS,” Desjardins advised.

In a corresponding AJR commentary published Jan. 22, E. Russell Ritenour, PhD, urged radiologists to heed the panel’s advice, given its breadth of knowledge. He said it’s difficult to estimate how many hacking incidents have occurred in radiology to date. However, physician groups of all sizes must prepare themselves for any type of attack, and publicly report any incident, rather than sweeping it under the rug.

“Mechanisms must be made available for smaller radiology practices to report such crimes for the good of the community and for their own long-term benefit,” wrote Ritenour, a professor with the Medical University of South Carolina and informatics editor of the AJR. “It is vital to the radiology enterprise that efforts be made by medical groups at all levels to reinforce security measures, maintain a constantly upgraded computing infrastructure to combat new hacking techniques, and publicly share knowledge obtained from hacking incidents,” he added later.