Researchers demonstrated that hackers can modify 3D Computer Tomography scans to add or remove evidence of a serious illness, including cancers.

A group of researchers from the Ben-Gurion University and the Soroka University Medical Center, Beer-Sheva, in Israel, have demonstrated that hackers can modify 3D medical scans to the result of a clinical examination.

Attackers can add or remove evidence of various illnesses, including aneurysms, heart disease, blood clots, infections, arthritis, cartilage problems, torn ligaments, and tumors in the brain, heart or spine.

The experts developed proof-of-concept (PoC) malware that uses a machine learning technique known as generative adversarial network (GAN) to alter 3D images generated during a Computer Tomography (CT) scan . Scan s are sent to picture archiving and communication systems (PACS) that store them. The format used to transmit and store the images is DICOM. GE Healthcare, Fujifilm, Philips, and RamSoft are main vendors of

PACS systems.

PACS and DICOM servers are often left exposed to the Internet, the experts found roughly 2,700 servers exposed online using the Shodan search engine.

The experts also discovered that medical imagery data are transmitted without encryption, an attacker can potentially run man-in-the-middle (MitM) attacks to manipulate them.

The experts conducted a penetration test in a radiology department of a hospital. In a test scenario, they connected a small MitM device between the CT scanner’s workstation and the PACS network that allowed them to intercept traffic from the CT scanner. The researchers developed an attack framework dubbed CT-GAN to manipulate the images via the GAN technique.

The experts used a dataset of 100 Computer Tomography scans that were analyzed by three radiologists involved in the experiment.

They used a mix of 30 authentic Computer Tomography scans and 70 scans that they modified by using the CT-GAN tool. The PoC malware developed by the experts allowed them to alter the images by introducing evidence of malign cancer into the scans and remove cancer from the scans of sick patients.

“We also evaluated the attack by determining how well CT-GAN can fool humans and machines: radiologists and state-of-the-art AI.” reads the research paper. “We found that, with out knowledge of this attack, radiologists are fooled 99% of the time for injection, and 94% of the time for removal (the AI was fooled 100% of the time)”

Then the experts informed the radiologists of the attack, and repeated the test. Radiologists still misdiagnosed 60% of those with injections, and 87% of those with removals of evidence of the cancer.

“There are many more reasons why an attacker would want to tamper with the imagery. For example: falsifying research evidence, sabotaging another company’s research, job theft, terrorism, assassination, and even murder.” continues the paper.

Further technical details are reported in the research paper, experts also published a video that shows how an attacker could plant malware in a healthcare organization.

Pierluigi Paganini

( SecurityAffairs – Computer Tomography, hacking)

Share this...

Linkedin Reddit Pinterest

Share On