Researchers aim to prevent medical imaging cyberattacks

Would you buy a copy of your X-ray?

Would you buy a copy of your X-ray?

Two new studies being presented this week at the annual meeting of the Radiological Society of North America (RSNA) address the potential risk of cyberattacks in medical imaging.

The Internet has been highly beneficial to health care–radiology included–improving access in remote areas, allowing for faster and better diagnoses, and vastly improving the management and transfer of medical records and images. However, increased connectivity can lead to increased vulnerability to outside interference.

Researchers and cybersecurity experts have begun to examine ways to mitigate the risk of cyberattacks in medical imaging before they become a real danger.

Medical imaging devices, such as X-ray, mammography, MRI and CT machines, play a crucial role in diagnosis and treatment. As these devices are typically connected to hospital networks, they can be potentially susceptible to sophisticated cyberattacks, including ransomware attacks that can disable the machines. Due to their critical role in the emergency room, CT devices may face the greatest risk of cyberattack.

In a study presented today, researchers from Ben-Gurion University of the Negev in Beer-Sheva, Israel, identified areas of vulnerability and ways to increase security in CT equipment. They demonstrated how a hacker might bypass security mechanisms of a CT machine in order to manipulate its behavior. Because CT uses ionizing radiation, changes to dose could negatively affect image quality, or–in extreme cases–pose harm to the patient.

 

“In the current phase of our research, we focus on developing solutions to prevent such attacks in order to protect medical devices,” said Tom Mahler, Ph.D. candidate and teaching assistant at Ben-Gurion University of the Negev. “Our solution monitors the outgoing commands from the device before they are executed, and will alert–and possibly halt–if it detects anomalies.”

For anomaly detection, the researchers developed a system using various advanced machine learning and deep learning methods, with training data consisting of actual commands recorded from real devices. The model learns to recognize normal commands and to predict if a new, unseen command is legitimate or not. If an attacker sends a malicious command to the device, the system will detect it and alert the operator before the command is executed.

“In cybersecurity, it is best to take the ‘onion’ model of protection and build the protection in layers,” Mahler said. “Previous efforts in this area have focused on securing the hospital network. Our solution is device-oriented, and our goal is to be the last line of defense for medical imaging devices.”

He added that it is also important to note that although these types of attacks are theoretically possible, there is no indication that they ever actually occurred.

“If health care manufacturers and hospitals will take a proactive approach, we could prevent such attacks from happening in the first place,” he said.

A second study, to be presented tomorrow, looked at the potential to tamper with mammogram results.

The researchers trained a cycle-consistent generative adversarial network (CycleGAN), a type of artificial intelligence application, on 680 mammographic images from 334 patients, to convert images showing cancer to healthy ones and to do the same, in reverse, for the normal control images. They wanted to determine if a CycleGAN could insert or remove cancer-specific features into mammograms in a realistic fashion.

“As doctors, it is our moral duty to first protect our patients from harm,” said Anton S. Becker, M.D., radiology resident at University Hospital Zurich and ETH Zurich, in Switzerland. “For example, as radiologists we are used to protecting patients from unnecessary radiation. When neural networks or other algorithms inevitably find their way into our clinical routine, we will need to learn how to protect our patients from any unwanted side effects of those as well.”

The images were presented to three radiologists, who reviewed the images and indicated whether they thought the images were genuine or modified. None of the radiologists could reliably distinguish between the two.

“Neural networks, such as CycleGAN, are not only able to learn what breast cancer looks like,” Dr. Becker said, “we have now shown that they can insert these learned characteristics into mammograms of healthy patients or remove cancerous lesions from the image and replace them with normal looking tissue.”

Dr. Becker anticipates that this type of attack won’t be feasible for at least five years and said patients shouldn’t be concerned right now. Still, he hopes to draw the attention of the medical community, and hardware and software vendors, so that they may make the necessary adjustments to address this issue while it is still theoretical.

Dr. Becker said that artificial intelligence, in general, will greatly enrich radiology, offering faster diagnoses and other advantages. He added that there are positive aspects to these findings as well.

“Neural networks can teach us more about the image characteristics of certain cancers, making us better doctors.”

Would you buy a copy of your X-ray?


Would you buy a copy of your X-ray?

Would you buy a copy of your X-ray?

Just having returned from a short vacation in Greece I have been forced to look at all the emails I ignored while sipping retsina and eating excellent rabbit cooked with wine and onions.

So I must confess I actually laughed out loud when I read this article from Leicester’s Hospitals.

They said ” It is now easier than ever for patients to buy copies of their x-rays. The Imaging Department at Leicester’s Hospitals has an exciting, new payment machine for patients who want personal copies of their x-ray images.

The new machine has been installed in the x-ray waiting room in the Balmoral building at the Royal. For a flat fee of £10, the images are burned onto an encrypted disc and posted out to patients at home the next working day*.

Colin Ross, superintendent radiographer for Leicester’s Hospitals, said: “We are really pleased to be able to offer this additional service to our patients who often ask our radiographers for copies of their pictures. Until now there has not been a quick and straight forward way for us to do this.”


Colin adds: “Although many hospitals in the UK are able to offer patients the chance to purchase ultrasound pictures of their babies, we are not aware of anywhere else that has one of these machines which allows patients to buy personal copies of their x-ray images.”

The new machine allows patients to pay for copies of their x-ray images by cash or card. It applies to all x-rays taken on the day, but does not extend to scans or historic x-rays.”

But then I remembered years ago my sister tried to buy a copy the x-ray taken of her broken arm. And most parents have copies of the ultrasound scan taken of their children. I have.

On the other hand people in the UK may consider it back door to privatisation of the UK’s National Health Service.

So what do you think? It would be great if you could take the poll below to share your views. Feel free to expand upon them in the comments section below.


Thanks in advance!