CYBER CORNER
What kind of team did you assemble for that study?
I assembled an elite team of the best people on earth for that topic, including the cybersecurity researchers who had recently found the vulnerabilities I just talked about, as well as the two co-leaders of the DICOM Security workgroup, responsible for adding all security features to the DICOM standard. We did extensive brainstorming and a thorough analysis of the ways in which the DICOM standard could be abused and published our results and recommendations in one of the top radiology journals.
What major cybersecurity issues did you find in the study?
We found many ways to exploit the DICOM standard and DICOM servers, relating to the confidentiality, integrity and availability of medical images. I’m happy to elaborate on three of them: issues with data at rest, issues with data in transit and data integrity issues.
What are some issues with data at rest?
There are several problems with the security of data at rest on DICOM servers, coming from both outside and inside medical institutions. A minority of DICOM servers are poorly configured and can be accessed remotely. Not all of those offer the same level of access to their images. But even if a DICOM server is properly protected from access from outside an institution, hackers can simply walk into hospitals and connect their laptop to the hospital network, from a network jack in a hallway or a patient room and access the DICOM servers. The DICOM standard includes features to protect data on media and in emails, including encryption, but does not provide for encryption of data on DICOM servers. Furthermore, most of the encryption features are not implemented.
What about issues with data in transit?
There are several problems with the security of data in transit — for example, on network connections between CT scanners and DICOM servers. One of the co-authors on our paper is part of the Israel group that found a way to intercept DICOM images acquired by CT scanners on their way to the DICOM server and used an artificial intelligence approach to either add nodules or subtract nodules on chest CT scans. Most radiologists were fooled by the tampered images. This hack was made possible because of lack of encryption on network connections. The DICOM standard includes features for encryption of data in transit using TLS, which is implemented in most systems, but not always used.
What about data integrity issues?
There are several problems with the lack of integrity check in transmitted DICOM images. The current DICOM standard includes an image “creator digital signature” field which can be populated by the device acquiring the image, for lifetime integrity check. But this is often not implemented by the manufacturers, or if they are implemented, are simply not used in practice. I already mentioned the violation of image integrity when lung nodules were added to CT images in transit. Another example is also from one of the co-authors on our paper from the group in Spain who found a way to embed malware into DICOM images. He embedded malware into DICOM private attributes in the DICOM header and replaced the DICOM preamble by the header of Windows executable files. Any hack involving remote command execution could trigger that malware and take over a computer system.
What about recommendations for local IT experts?
Local IT experts need to carefully monitor their networks for any suspicious activity from the outside or the inside. They need to properly authenticate all users sending and requesting images, limit access of images to only legitimate users, limit the network visibility of their DICOM servers and imaging devices, and use already implemented DICOM features to securely transmit images within the institution and with outside institutions. They should implement rate limiters to prevent denial of service attacks and should disable CD auto-loading on all radiology workstations.
Benoit Desjardins, M.D., Ph.D.
What are the main recommendations you made related to the security of medical images?
The use of encryption and digital signatures requires a system of keys and certificates that are complex and require a lot of overhead. We need to figure out how to store, acquire and recover keys, and how to authenticate people requesting keys. DICOM security leaders need to integrate modern technologies to more easily deal with encryption keys and certificates. Many security features in the DICOM standard have never been implemented by manufacturers because they thought medical images were safe at rest and in transit. We now know they are not, and this is a powerful incentive to implement all DICOM security features. New technologies to manage encryption keys and certificates will help implementation of these features. Once an image is generated by a scanner, the “Creator Digital Signature” of the created DICOM file should be populated by the scanner. And every time that image is transmitted to another medical device, this signature should be checked, and warnings issued if it is incorrect or missing. Image validators should also be implemented to verify the internal consistency of DICOM images.
What about recommendations for radiologists and technologists?
Radiologists are already primed to detect errors in medical images. For example, if the chest radiograph of a male patient looks normal, but on the next radiograph the patient has grown breasts, then radiologists instinctually know that this is probably the radiograph of a different patient which has been mislabeled. But if the next radiograph shows new lung nodules, then they do check if it is the same patient but should also consider in the back of their minds the possibility of corrupted or tampered images. They should also make sure to maintain confidentiality at all times, by encrypting laptops containing imaging data and never sending such data over public networks. And if they are handed a compact disk for a curbside consult at the imaging workstation, they should not load it in their workstation as it could contain malware.
How has the COVID pandemic affected the practice of radiology and what are the cyber implications?
The pandemic had considerable impact on medical practice, especially for remote work. At my institution, consultations by telehealth between doctors and patients went from 50 a day to 7,000 a day. Most radiologists have very limited interactions with patients. For a radiologist, the only differences between working at home and working at the hospital is that it’s a little bit slower and a lot lonelier at home. But radiologists must keep security in mind. The radiologist’s home workstation connects to a home router, which connects via the internet to the hospital VPN device, which itself connects to the hospital servers. Each of those points is vulnerable in many different ways. Radiologists must make sure that their home equipment has not been compromised. In particular they need to change their router’s default admin password, to avoid their router from being hijacked by hackers. This has happened with thousands of home routers, which can redirect links to hackers’ websites and can intercept data.
NOVEMBER/DECEMBER 2020 |
hcinnovationgroup.com 27
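The interview describes a DICOM preamble replaced by the header of a Windows executable and recommends image validators that verify internal consistency. The following is an added example, not part of the interview or of any DICOM toolkit: a minimal header validator in Python that flags an executable preamble and a file meta group whose declared length does not fit the file. The function names and the sample byte strings are constructed for illustration.

```python
import struct

PREAMBLE_LEN = 128   # a DICOM Part 10 file starts with a 128-byte preamble
MAGIC = b"DICM"      # followed by this 4-byte prefix

def check_dicom_header(data: bytes) -> list:
    """Return findings for a DICOM file header; an empty list means clean."""
    if data[PREAMBLE_LEN:PREAMBLE_LEN + 4] != MAGIC:
        return ["not-dicom: no DICM prefix at offset 128"]
    findings = []
    preamble = data[:PREAMBLE_LEN]
    if preamble[:2] == b"MZ":  # DOS/PE header where the preamble should be
        findings.append("preamble-executable: preamble starts with MZ")
        (pe_off,) = struct.unpack_from("<I", preamble, 0x3C)  # e_lfanew
        if data[pe_off:pe_off + 4] == b"PE\x00\x00":
            findings.append("pe-signature: PE header at offset %d" % pe_off)
    elif any(preamble):
        # Non-zero preambles can be legitimate application data: review them.
        findings.append("preamble-nonzero: unexpected data in preamble")
    # The file meta group is Explicit VR Little Endian and must open with
    # (0002,0000) UL, which holds the byte length of the rest of the group.
    meta = data[PREAMBLE_LEN + 4:]
    if len(meta) < 12:
        return findings + ["meta-truncated: file ends inside first element"]
    group, elem, vr, vlen = struct.unpack_from("<HH2sH", meta, 0)
    if (group, elem, vr, vlen) != (0x0002, 0x0000, b"UL", 4):
        findings.append("meta-malformed: first element is not (0002,0000) UL")
    else:
        (glen,) = struct.unpack_from("<I", meta, 8)
        if 12 + glen > len(meta):
            findings.append("meta-length: group length runs past end of file")
    return findings

def build_sample(preamble: bytes, tail: bytes = b"") -> bytes:
    """Constructed test input: header plus one Transfer Syntax UID element."""
    uid = b"1.2.840.10008.1.2.1\x00"
    ts = struct.pack("<HH2sH", 0x0002, 0x0010, b"UI", len(uid)) + uid
    glen = struct.pack("<HH2sHI", 0x0002, 0x0000, b"UL", 4, len(ts))
    return preamble + MAGIC + glen + ts + tail

CLEAN = build_sample(bytes(PREAMBLE_LEN))
# Inert marker bytes only: "MZ", an e_lfanew pointer, and a trailing "PE\0\0".
MZ_PREAMBLE = (b"MZ" + bytes(0x3A) + struct.pack("<I", len(CLEAN))).ljust(PREAMBLE_LEN, b"\x00")
TAMPERED = build_sample(MZ_PREAMBLE, tail=b"PE\x00\x00")

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("tampered", TAMPERED), ("cut", CLEAN[:-5])):
        print(name, check_dicom_header(blob))
```

A check like this belongs at the point where files enter an archive or workstation; it inspects only the header and does not replace verification of the Creator Digital Signature.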