Criminals can fake medical scan results via remote network attacks

Cybercriminals can get access to the hospital network and fake medical scan results to create conditions or hide diseases

Cyber researchers from Israel reports about the risk of cyber virus attacks and faked medical scan results.

Computer viruses can do almost anything. However, according to the latest findings, malware can now be set to alter medical scan results to fake or hide conditions, tumors and cause injuries or even death in this way.^[1] If hackers could get access to the CT or MRI scan results, chances are that they could remove images or change them to cause misdiagnosis.

The latest study from Ben-Gurion University's IT team has also shown how hackers could get access to the remote network of the real hospital. Computer experts have also performed the remote access attack and applied deep learning to corrupt 3D scans according to their needs.^[2] They showed how they managed to access 3D scans and alter them to deceive radiology professionals and even artificial intelligence algorithms.^[3]

Corrupting such a kind of medical results can facilitate insurance fraud, injuries or even murder, as well as cyber attacks, terrorism or ransomware, as the researchers state:

By tampering with the medical imagery between the investigation and diagnosis stages, both the radiologist and the reporting physician believe the fallacy set by the attacker.

Medical scans were changed by using CT-GAN

3D scans combine several X-ray images to form a CT scan results with more detailed information than standard X-rays. These images get used to diagnose such diseases like cancer, heart issues, infections and many more. MRI scans are also similar, but this method involves powerful magnetic fields that help diagnose joint, bone or ligament conditions and injuries.

According to Dr. Yisroel Mirsky, the lead researcher in the BGU Department of Software and Information Systems Engineering, the attackers can take control of the location, number or size of the tumors while preserving the anatomy of the original 3D image.

Mirsky stated in the report:

The scans were not encrypted because the internal network is usually not connected to the internet. However, determined intruders can still gain access via the hospital’s Wi-Fi or physical access to the infrastructure. These networks are now being connected to the internet as well, which enables attackers to perform remote attacks.

For demonstration purposes, researchers asked for permission to show how this attack can be undertaken. After breaking into the network, they managed to intercept every CT scan made by the CT machine in the hospital. To change medical conditions, deep learning neural network called GAN was used.^[4]

To change medical conditions, experts used deep learning neural network called GAN was used.^[4] There were two types of network used: one to inject cancer and other – trained to remove cancerous tumors. Researchers have verified the effectiveness of this attack by hiring professionals to diagnose 70 affected and 30 authentic images.

Misdiagnosis can lead to injuries or even patients' death

As researchers from Firmus Medicus claim, during these sensitive times, when people encounter numerous diseases and other health issues, like infections, autoimmune syndromes, or even deadly conditions, getting a false diagnosis can be crucial, especially if they are not presented with the needed treatment or medication.

This example has revealed how 99 percent of corrupted scans can be altered to show fake tumors. Also, 94 percent of the images that had cancerous tumors eliminated from the results were misdiagnosed. Even when researchers exposed the manipulation, experts were incapable to confirm which images were altered.

One possible solution is to enable encryption between the hosts of the hospital's radiology network. Additionally, experts recommend installing digital signatures, so scanners sign each scan with a secure authentification mark. Researchers note how important it can be to secure servers and networks by employing the antivirus software and keeping the workstations up-to-date safely.^[5]