Image source: Adobe Stock/local_doctor

Interview • Scanner manipulation prevention

Protecting medical imaging devices from cyberattack

Medical imaging and radiotherapy treatment devices are essential lifesaving technologies for hospitals, clinics, and cancer treatment centres worldwide. In an era when hospital information systems are increasingly being attacked by cybercriminals, just how protected and safe is this equipment? We spoke with Tom Mahler, PhD, from the Ben-Gurion University (BGU) of the Negev, Israel, about which imaging modalities are most at risk from cyberattacks, what hospitals can do to improve security, and how this affects the work of radiologists.

Interview: Cynthia E. Keen

Tom Mahler specialises in artificial intelligence (AI), anomaly detection, and cyberspace security. He has spent years analysing the vulnerabilities to external manipulation and sabotage of radiation-emitting medical imaging device systems as part of his doctoral research at BGU. He believes that imaging modalities are quite vulnerable in clinical settings to the risk of cyberattack, and that CT scanners in particular face the greatest risk. In a recent publication in the Journal of Digital Imaging, he and his colleagues present a model for incorporating active participation by radiologists. To increase awareness, Mahler also speaks about digital threat at radiology events such as the RSNA congress.

HiE: How did radiologists and radiology department managers react to your concerns?

portrait of tom mahler
Tom Mahler, PhD

Image source: Ben-Gurion University of the Negev

Mahler: ‘RSNA attendees were quite interested in learning about the vulnerability of their hospital “workhorses”, CT scanners in particular. Radiologists whose work focuses primarily on healthcare find it hard to imagine anyone wanting to maliciously attack medical devices. Individuals with an IT technical background tell me that attacks are even easier than anticipated due to security concerns in the hospitals. I think that today there is a greater awareness of potential risk by cyberattack since 2017.’ 

How vulnerable are these systems today? Have improvements in security been made?

‘Many hospitals have increased security in the digital network environment of the hospital network. Some PACS vendors have also made their products more secure. However, I am not aware of any significant improvements in the imaging modalities domain. These devices are still outdated and exposed to many vulnerabilities. I don’t know of any large security company offering products to secure these devices at the point of care; most companies offer products that increase the security of the network, but not the device itself. 

‘Devices are not monitored enough. I think that monitoring the devices’ operations at the point of care may be an important layer of security that can significantly reduce the risk of attacks. I have developed a detection and prevention framework that monitors the instructions sent with these devices. It uses advanced AI algorithms to detect anomalies within these instructions, and can alert the technician operating, for example if a CT scanner receives the instruction to deliver an excessive radiation dose. This kind of security layer is highly effective as it can block the attacks just in time before they affect the patient, no matter from where the attack originated.’

Recommended article

Do you have recommendations to make medical devices more secure?

‘In my research, I determined that the modality workstation that a technologist uses to configure and control the imaging device is extremely vulnerable to attacks. The detection and prevention framework that I developed monitors the actual instructions sent from the workstation to the scanner. As far as I know, this was the first time anyone tried to look inside a CT device and analyse the instructions sent from the host control PC. 

‘The anomaly detection and prevention framework can be installed outside the host control PC and still block potentially malicious instructions from reaching the CT scanner, or for that matter, any type of digital imaging or radiotherapy device. Automated anomaly detection AI software can do this with an accuracy to date of up to 99.5%. After receiving an alert, a CT technologist can cancel the exam or override it if there is a clinical reason for the anomaly, such as imaging an extremely obese person. The system can even suggest automatically how to correct the instruction and fix the anomaly.’ 

What other types of protection do you recommend?

The transmission of non-encrypted data is a huge vulnerability and is one that is very easy to fix

Tom Mahler

‘My colleagues and I have shown how images from medical devices can be manipulated by adding or removing cancerous tumours in a way that radiologists cannot detect. Adding a digital signature is a secure way to make sure that the data received originated from a secure participant. If that data has been manipulated, the recipient would be alerted to this. Digital signature is very easy to implement, and this feature could be offered by modality and PACS vendors. However, offering such a feature is not enough. It should also be implemented and used by the hospital in which the PACS is deployed. I’ve often found security features provided by vendors that simply were not enabled. 

‘I also strongly recommend encryption of data in motion between a modality workstation and a PACS. The transmission of non-encrypted data is a huge vulnerability and is one that is very easy to fix.’

What should the role of radiologists and radiology administrators be in assessing security risk?

‘The risk assessment process should be done by IT security personnel or a company specialising in these services, under the organisation of the hospital’s chief information security officer. Radiology professionals can play an important role by assessing the impact of attacks, such as malicious sabotage. They also need to advocate for increased security of medical devices to their organisation’s IT staff, computer security team, and to senior hospital administration.’ 


Profile:

Tom Mahler, PhD, is a researcher at the Ben-Gurion University of the Negev (BGU) in Israel. He completed the combined PhD track for outstanding graduate students as the youngest in his class. Mahler’s research focuses on the cyber-security of medical devices and how to protect them using state-of-the-art machine learning and deep learning techniques. He is also the co-founder of FlowHow (p.k.a. CyberMed), a startup company that, based on his research, develops a secure workflow monitoring and optimization solutions for medical imaging devices and radiology departments.

02.06.2022

Read all latest stories

Related articles

Photo

Sponsored • Prevention, early detection, timely treatment

Fujifilm “One-Stop” solution partner for the Healthcare systems

Fujifilm aims to become an entity that can contribute to the advancement of human health by supporting the ongoing transformation in the healthcare industry – as a “One-Stop” solution partner.

Photo

Siemens Healthineers and Flywheel

Partnership for healthcare research collaboration

Medical data management company Flywheel announced a partnership and enterprise license agreement with Siemens Healthineers. Under the agreement, Flywheel will deliver a cloud-based research…

Photo

Sponsored • Radiology collaboration

Improved workflow and a touch of Disney magic

Improving workflow is one of the major challenges that radiology departments face. The need to be more efficient, deliver timely and effective patient care, and keep an eye on costs are all factors…

Related products

Nexus/Chili – Diagnost

Reading

Nexus/Chili – Diagnost

Nexus/Chili GmbH
OR Technology ORCA - OR Cloud Archive

RIS/PACS

OR Technology ORCA - OR Cloud Archive

OR Technology (Oehm und Rehbein GmbH)
i-Solutions Health - RadCentre Patientenportal

Portal Solutions

i-Solutions Health - RadCentre Patientenportal

i-SOLUTIONS Health GmbH
Konica Minolta - Exa Enterprise Imaging

Reading

Konica Minolta - Exa Enterprise Imaging

Konica Minolta Business Solutions Europe GmbH
OR Technology - dicomPACS

RIS/PACS

OR Technology - dicomPACS

OR Technology (Oehm und Rehbein GmbH)
Siemens Healthineers – teamplay Insights

Business Intelligence

Siemens Healthineers – teamplay Insights

Siemens Healthineers
Subscribe to Newsletter