A new study shows that hackers can access a patient’s 3-D medical scans to add or remove malignant lung cancer and overwhelmingly deceive both radiologists and artificial intelligence algorithms used to aid diagnosis. These 3-D medical scans are generally used to diagnose cancer because they provide more definitive evidence than preliminary 2-D X-Rays.
Malicious attackers can tamper with the scans to deliberately cause a misdiagnosis for insurance fraud, ransomware, cyberterrorism or even murder, according to a release disseminated by BGU. Attackers can even automate the entire process in a malware that can infect the hospital’s network.
“Our research shows how an attacker can realistically add or remove medical conditions from CT and MRI scans,” says Dr. Yisroel Mirsky, lead researcher in the BGU Department of Software and Information Systems Engineering. “In particular, we show how easily an attacker can access a hospital’s network, and then inject or remove lung cancers from a patient’s CT scan.”
To demonstrate the feasibility of the attack, the researchers broke into the network of an actual hospital and intercepted every scan taken by a CT scanner. The team had permission to do so.
When the scans of healthy patients were injected with cancer, the radiologists misdiagnosed 99% percent of them as being malign. When the algorithm removed cancers from actual cancer patients, the radiologists misdiagnosed 94% of the patients as being healthy.
After informing the radiologists of the attack, they still could not differentiate between the tampered and authentic images, misdiagnosing 60 percent of those with injections, and 87 percent of those with removals.
Mirsky said there are some immediate countermeasures that can mitigate most of the threat, such as enabling encryption between the hosts in the hospital’s radiology network, enabling digital signatures so that scanners sign each scan with a secure mark of authenticity, or implementing digital watermarking.