MRI and especially CT scanners are vulnerable to cyberattacks such as the WannaCry virus, and manufacturers and healthcare providers must be aware of the risks and mechanisms behind potential attacks to create a safe healthcare environment and protect patients, according to an Israeli study published on arXiv.org.
Working in collaboration with the largest health maintenance organization in Israel, researchers from the Malware Lab at Ben-Gurion University of the Negev in Beer-Sheva conducted a risk-analysis survey of MRI and CT scanners. The survey assessed a range of vulnerabilities and potential attacks on MRI and CT scanners, medical and imaging information systems, and medical protocols and standards.
The researchers, led by Nir Nissim, PhD, found that CT systems have the greatest risk of cyberattack due to their pivotal role in acute care imaging. The infrastructure and functionality of CT devices could be targeted using several possible attack vectors, which could lead to the following:
- Disruption of the parameters used in scanning within the CT device (e.g., tampering with the radiation exposure levels)
- Mechanical disruption of the CT device (e.g., changing the pitch)
- Disruption of the tomography scan signals constructing the digital images
- Denial-of-service attacks against the CT device
Due to its central position and controls, the host control PC is the most vulnerable component in the CT scanner ecosystem. However, government regulations make it difficult to maintain regular updates to this component, and common computer security methods such as antivirus software are insufficient to prevent cyberattacks, according to the researchers.
As a result, other approaches are needed to better protect these devices, they wrote. For their part, Nissim and colleagues are now working on a machine learning-based method for securing CT devices.
"Our technique will take an out-of-band approach, by learning the actual commands being sent to the CT's gantry, together with patients' profiles and scan labels and detecting anomalies," the group wrote. "Such method can assume that the host control PC is infected, and by taking an out-of-band approach, we can examine the sent commands before they arrive to the CT's gantry, enabling to prevent malicious commands before they occur."