“Deliberately tampering with the scans could aid insurance fraud, ransomware, cyberterrorism or even murder,” say Ben-Gurion University researchers.
By World Israel News Staff
Hackers can access a patient’s 3-D medical scans to add or remove images of malignant tumors, putting patients at risk of misdiagnoses, according to cybersecurity researchers at the Ben-Gurion University of the Negev (BGU).
The researchers said that they have conducted a survey showing that altered scans successfully deceived both radiologists and the artificial intelligence algorithms used to assist in reaching a diagnosis.
A 3-D CT (computerized tomography) scan combines a series of X-Ray images taken from different angles around the body and uses computer processing to create cross-sectional images (slices) of the bones, blood vessels, and soft tissues, the university explains in a statement on the research.
CT scan images provide more detailed information than standard X-Rays and are used to diagnose cancer, heart disease, infectious diseases, and more. An MRI (magnetic resonance imaging) scan is similar but uses powerful magnetic fields to diagnose bone, joint, ligament, and cartilage conditions, it adds.
As a result, say the researchers, “deliberately tampering with the scans could aid insurance fraud, ransomware, cyberterrorism or even murder. Attackers can even automate the entire process in a malware which can infect the hospital’s network.”
“Our research shows how an attacker can realistically add or remove medical conditions from CT and MRI scans,” says Dr. Yisroel Mirsky, lead researcher in the BGU Department of Software and Information Systems Engineering, project manager, and cybersecurity researcher at BGU’s National Cyber Security Research Center.
“In particular, we show how easily an attacker can access a hospital’s network, and then inject or remove [images of] lung cancer from a patient’s CT scan,” he said.
To demonstrate the feasibility of the attack, with permission, the researchers broke into the network of an actual hospital and intercepted every scan taken by a CT scanner, says the university.
“The scans were not encrypted because the internal network is usually not connected to the internet. However, determined intruders can still gain access via the hospital’s Wi-Fi or physical access to the infrastructure,” Dr. Mirsky says, adding that “these networks are now being connected to the internet as well, which enables attackers to perform remote attacks.”
To inject and remove medical conditions, the researchers say they used a deep learning neural network called a generative adversarial network (GAN).
Radiologists misdiagnosed 99 percent of the altered scans showing malignant tumors, and 94 percent of altered images that had cancerous images removed, says the university. After the radiologists were informed of the attack, they still could not differentiate between the tampered and authentic images, according to the researchers.
The BGU experts proposed some immediate countermeasures which can mitigate most of the threat. One solution is to enable encryption between the hosts in the hospital’s radiology network. In addition, some hospitals can enable digital signatures so that their scanners sign each scan with a secure mark of authenticity.
“Another method for testing the integrity of the images is to perform digital watermarking (DW), the process of adding a hidden signal into the image such that tampering corrupts the signal and thus indicates a loss of integrity,” Dr. Mirsky says. “Unfortunately, the vast majority of medical devices and products currently do not implement DW techniques.”
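The tamper-evident property described above can be illustrated with a small fragile watermark. This is an added example, not code from the BGU researchers or from any medical product. It assumes a slice is a grid of 16-bit pixel values whose sides are multiples of 8, uses a keyed HMAC as the hidden signal, and the key, slice ID and pixel data are constructed for the demonstration; embedding changes each pixel by at most one intensity level.

```python
import hashlib
import hmac

BLOCK = 8  # 8x8 pixels -> 64 LSBs hold a 64-bit truncated MAC per block

def _block_bits(key, slice_id, img, bx, by):
    """64 MAC bits over the block's position and its pixels with LSB cleared."""
    msg = bytearray(f"{slice_id}:{bx}:{by}".encode())
    for y in range(by, by + BLOCK):
        for x in range(bx, bx + BLOCK):
            msg += (img[y][x] & ~1).to_bytes(2, "big")
    tag = hmac.new(key, bytes(msg), hashlib.sha256).digest()[:8]
    return [(tag[i // 8] >> (7 - i % 8)) & 1 for i in range(64)]

def _blocks(img):
    """Top-left corner of every block in the slice."""
    return [(bx, by) for by in range(0, len(img), BLOCK)
            for bx in range(0, len(img[0]), BLOCK)]

def embed(key, slice_id, img):
    """Return a copy of img carrying the fragile watermark in its LSBs."""
    out = [row[:] for row in img]
    for bx, by in _blocks(out):
        bits = _block_bits(key, slice_id, out, bx, by)
        for i, bit in enumerate(bits):
            y, x = by + i // BLOCK, bx + i % BLOCK
            out[y][x] = (out[y][x] & ~1) | bit
    return out

def tampered_blocks(key, slice_id, img):
    """Return (bx, by) of every block whose LSB signal no longer matches."""
    bad = []
    for bx, by in _blocks(img):
        bits = _block_bits(key, slice_id, img, bx, by)
        found = [img[by + i // BLOCK][bx + i % BLOCK] & 1 for i in range(64)]
        if not hmac.compare_digest(bytes(bits), bytes(found)):
            bad.append((bx, by))
    return bad

# Constructed sample: a 16x16 slice of 12-bit values, not real scan data.
KEY = b"constructed-demo-key"
SLICE = [[(x * 37 + y * 101) % 4096 for x in range(16)] for y in range(16)]
MARKED = embed(KEY, "slice-001", SLICE)
ALTERED = [row[:] for row in MARKED]
ALTERED[10][3] += 200  # simulated edit of one pixel's intensity
```

Because each block's signal also covers the slice ID and block position, a watermarked region copied in from another slice or another location fails verification as well.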