A team of Israeli researchers recently developed and tested a method to add or remove cancerous nodes to CT scans. The research team carried out the attack while performing a penetration test of a standard hospital PACS network. The attack uses AI to either add or remove indications of cancer and can attack medical scans in transit or at rest. It can be targeted to particular patients or left to change random scans to cause chaos.

The attack

The researchers hired 3 radiologists to review 100 CT scans, 70 had been tampered with while the other 30 were legitimate. On initial review the radiologists diagnosed 99% of the injected patients with malign cancer and 94% of cancer removed patients as being healthy. Almost a completely successful attack. After informing the radiologists of the nature of the attack they still misdiagnosed 60% of scans with indications of cancer added and 87% of removals. Commonly used AI assisted cancer detection tools also misdiagnosed 100% of tampered scans.

PACS Insecurity

Healthcare networks are notoriously insecure and PACs environments are often riddled with vulnerabilities. Modality workstations still often run old, unpatched embedded versions of windows.

They are often in publicly accessible areas, patients are often left alone with physical access to the workstations where a small USB device could be deployed to initiate the attack. Modalities are often used as a short term back up of scans potentially exposing stored scans to attackers. More and more medical imaging providers are exposing systems direct to the internet further expanding the attack surface not to mention good old fashioned spear phishing attacks.

So What?

The implications of an attack of this nature are huge and only limited by imagination. A targeted attack against a politician could result in a resignation for health reasons. concealing a positive cancer diagnosis could essentially be used as a form of no touch assassination. Untargeted attacks could hold networks to ransom, a ransom no backup will prevent.

What do we do?

Unfortunately increasing security in PACS network is not simple. The key to preventing these types of attacks in encryption, both at rest and in transit. Many modalities and PACS do not support encryption to the level required and if they do they are not enabled. Physical security needs to be come a key concern designing PACS and scanning rooms. Unfortunately the weakest link in a PACS network is DICOM. DICOM uses the term C-Move to indicate transfers of scans unfortunately this is a copy not a move meaning more devices that could potentially be attacked. Radiologist diagnostic workstations are often off site not to mention copies of studies being sent between clinics and hospitals for review.

A Solution

It is impossible to have a completely secure environment that is still usable. The key is to reduce the complexity of the PACS network

This should be achieved by storing scans in an encrypted central archive, reduce or better yet eliminate all secondary transfers by using viewing and diagnostic tools that stream to the workstation rather than move the scans. The archive becomes the source of truth. Version control and auditing replace the need to utilise modalities as short term back ups. Any scans altered outside of the archive will be quarantined and alert an administrator for manual review.



