CYBER CORNER


Imaging Systems Vulnerable to Cyberattack


Researchers found many ways to exploit the DICOM standard and DICOM servers, relating to the confidentiality, integrity and availability of medical images

By David Raths


Healthcare Innovation’s recent Northeast Virtual Cybersecurity Summit featured a discussion with Benoit Desjardins, M.D., Ph.D., an associate professor of radiology and medicine at the University of Pennsylvania, who has recently published research on the cybersecurity of medical images. Desjardins is a reformed hacker from Canada, who pursued a career in medicine after graduate studies in artificial intelligence and mathematics.


As a clinician and ex-hacker, what made you renew your interest in hacking and cybersecurity?

In 2017, I attended DEFCON in Vegas. When I went to attend a small evening session on cybersecurity in healthcare, 500 people were in line at the door waiting to get in. They moved us to a larger room and gave us an update on recent cyberattacks like WannaCry and NotPetya, and everything else going on in the field. This was fascinating and I decided to renew old interests. I then attended several conferences and completed several certifications in cybersecurity to bring my knowledge and hacking skills up to date. I also started interacting with some of the leaders in the field and with the cybersecurity team at my institution.


You recently published research on the cybersecurity of medical images. What can you tell us about the context for that research?

In the past 10 years, there have been over 3,000 reported breaches of medical records, including the Anthem breach, which included 78 million records. But these breaches involved mostly general medical records. Medical images are stored in different servers and are relatively safe from breaches, although this was safety through obscurity. Medical images use the DICOM standard, proposed in the 1980s for integration between different imaging devices from multiple manufacturers. Medical images are not stored on the electronic medical record, but rather on DICOM servers, which have different IP addresses and different access methods.

hcinnovationgroup.com | NOVEMBER/DECEMBER 2020


Have there been recent breaches of medical images?

Over the past two years, three different cybersecurity research groups have performed controlled breaches of DICOM servers: one from the Mass General Hospital, one from McAfee, and one from Greenbone Networks. They used either the Shodan search engine or did an exhaustive search of worldwide IP addresses for DICOM servers. They found that thousands of DICOM servers were unprotected and their images could be easily accessed from anywhere on the planet. News of this went all the way to Congress. Then last year, a group from Spain found a way to embed malware in DICOM images and a group from Israel found a way to add lung nodules on intercepted CT scan images being transmitted from a CT scanner to a DICOM server. So I decided to undertake a thorough study of the exploitability of DICOM images and DICOM servers.

