Ben-Gurion University of the Negev researchers warn that medical imaging devices aren't properly protected against cyberthreats.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
- Medical imaging device (MID) manufacturers and healthcare providers must work harder to protect these machines from cyberattacks. — Ben-Gurion University of the Negev, 2018
- An attackers could compromise a computer behind a CT machine, increase the radiation levels and cause "severe damage" and harm to a hospital patient. — Ben-Gurion University of the Negev, 2018
In a new report detailing cyberattacks on medical imaging devices (MIDs), researchers at the Ben-Gurion University of the Negev (BGU) Malware Lab noted that attackers could hack a computed tomography (CT) device and cause "severe damage" to a patient.
In the paper— Know Your Enemy: Characteristics of Cyber-Attacks on Medical Imaging Devices—researchers explain that many medical devices like CT and magnetic resonance imaging (MRI) machines don't receive regular updates and are easy to exploit. For CT machines, an attacker could compromise the computer that controls it and up the radiation levels to hurt a patient. Attackers could also disable or block MIDs during a ransomware attack, according to a BGU press release.
Many traditional industries, such as healthcare, often rely on legacy tools as a means of remaining compliant or avoiding the arduous task of migrating data. Unfortunately, if these tools aren't patched, they could easily be attacked and leveraged for financial gain.
SEE: Network security policy template (Tech Pro Research)
The research stems from a larger research project called Cyber-Med, wherein BGU researchers are working to build new security tools for medical devices like pacemakers, robotic surgery systems, and MIDs, the release said. As MIDs become more connected to hospital networks, attacks against them could increase and become more critical.
"CTs and MRI systems are not well designed to thwart attacks," Nir Nissim, who leads the BGU Malware Lab, said in the release. "The MID development process, from concept to market, takes three to seven years. Cyber threats can change significantly over that period, which leaves medical imaging devices highly vulnerable."
After studying a variety of vulnerabilities and attacks, the researchers found that CT devices faced the biggest risk of cyberattack. But for MIDs in general, attackers could potentially disrupt the scan configuration files, cause the device's mechanical motor to malfunction and injure a patient, mix up the image results, or perpetuate a ransomware attack.
"In cases where even a small delay can be fatal, or where a dangerous tumor is removed or erroneously added to an image, a cyberattack can be fatal," BGU Malware Lab team member Tom Mahler said in the release. "However, strict regulations make it difficult to conduct basic updates on medical PCs, and merely installing anti-virus protection is insufficient for preventing cyber-attacks."
As part of their future research, the BGU Malware Lab team is working on a machine learning algorithms to detect anomalies in CT devices. The hope is that this could prevent and protect against cyber attacks on these critical machines.
- The secret to being a great spy agency in the 21st century: Incubating startups (TechRepublic)
- US hospital pays $55,000 to hackers after ransomware attack (ZDNet)
- WannaCry: The smart person's guide (TechRepublic)
- This new strain of ransomware was to blame for hospital cyberattack (ZDNet)
- Inside the New York hospital hackers took down for 6 weeks (CBS News)