Rebecca Stadlen Amir
February 18, 2018

Though recent years have brought life-changing advances in medical equipment, researchers say that increasing risks posed by cyber-attacks can put patients in danger.

In a new study published in conjunction with Israel’s Cybertech  conference last month, researchers at Ben-Gurion University of the Negev (BGU) demonstrate how easy it is to exploit medical imaging devices (MIDs), like CT scans and MRIs, and warn manufacturers to be more diligent in protecting them.

“The MID development process, from concept to market, takes three to seven years. Cyber threats can change significantly over that period, which leaves medical imaging devices highly vulnerable,” said Tom Mahler, lead author and researcher at BGU’s Department of Software and Information Systems Engineering and the Malware Lab at the BGU Cyber Security Research Center (CSRC).

Mahler conducted the research under the supervision of Prof. Yuval Elovici, director of Cyber@BGU and Prof. Yuval Shahar, director of BGU’s Medical Informatics Research Center. The team also includes Nir Nissim, head of the CSRC’s Malware Lab, and Erez Shalom, research manager at BGU’s Center for Digital Innovation Digital Health Lab, and was done in collaboration with Clalit Health Services, Israel’s largest health maintenance organization.

Tom Mahler, researcher at BGU’s Department of Software and Information Systems Engineering and the Malware Lab at the BGU Cyber Security Research Center. Photo: courtesy

Their paper, “Know Your Enemy: Characteristics of Cyber-Attacks on Medical Imaging Devices,” warns that hackers can block access to MIDs or disable them altogether as part of a ransom attack, which has happened already worldwide.

MIDs are becoming more connected to hospital networks and therefore more vulnerable to sophisticated cyber-attacks that can target a device’s infrastructure and components and fatally harm the patient, the researchers said.

The BGU cyber security experts predict attacks on MIDs will increase, as attackers develop more sophisticated skills directed at these types of devices whose mechanics and software are often installed on outdated PCs.

Of the many vulnerabilities discovered, the researchers found that CT devices face the greatest risk of cyber-attack due to their pivotal role in acute-care imaging. Because a CT sends scanned results connected to a patient’s medical record via a host computer, attackers can disrupt image results and even alter results or connect images to the wrong patient.

In addition, the researchers found that malware can be used to encrypt a victim’s files and demand ransom to decrypt them. The WannaCry attack, which affected more than 200,000 devices in more than 150 nations in May 2017, directly infected tens of thousands of UK and US hospital devices, including MRIs.

BGU cyber researchers said they are working on new techniques to secure CT devices based on machine learning. Mahler and his team hope to collaborate with imaging manufacturers or hospital systems to conduct simulated attacks to discover and find solutions for more vulnerabilities.

More on News

More on Ben Gurion University of the Negev