Researchers from Ben-Gurion University and Soroka University Medical Center in Israel have developed proof-of-concept malware that uses a machine learning technique known as a generative adversarial network (GAN) to alter the 3D images obtained during a computed tomography (CT) scan.
CT scanners are usually operated through a picture archiving and communication system (PACS), which receives the scans from the scanner, stores them and supplies them to the radiologists. The information is transferred and stored in a format named DICOM. Well-known companies such as Philips, GE Healthcare and Fujifilm provide PACS products.
But the researchers have identified a major flaw in this setup: PACS and DICOM servers are not properly secured and are left exposed to the Internet. A scan with the Shodan search engine detected almost 2500 servers that were connected to the Internet. The medical scan data is transmitted over the network without any kind of encryption, so it is very susceptible to man-in-the-middle (MitM) attacks and to manipulation by malicious parties.
Attackers can very easily target a PACS that is connected to the Internet, or they can gain access to a particular organization's network and initiate the attack from there. Damage can also be done by a local technician with malicious intent who physically connects a MitM device between the scanner's workstation and the PACS network.
After intercepting the traffic from the CT scanner, the attackers can use a framework called CT-GAN to tamper with the images before they reach the radiologist who analyses the results.
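The gap described above is that nothing lets the radiologist's viewer tell an altered scan from the one the scanner produced. The following added example (not from the researchers or any PACS product) shows one way a per-slice integrity tag would expose in-transit changes. It assumes a secret key provisioned out of band on the scanner and the viewer; the toy volume, the key and all function names are constructed for illustration.

```python
import hashlib
import hmac


def make_volume(n_slices):
    """Constructed stand-in for a 3D scan: one 64-byte string per slice."""
    return [hashlib.sha256(f"slice-{i}".encode()).digest() * 2
            for i in range(n_slices)]


def _tag(key, index, total, data):
    # Bind each slice to its position and to the slice count, so that
    # reordering or dropping slices is detected as well as pixel edits.
    return hmac.new(key, f"{index}/{total}|".encode() + data,
                    hashlib.sha256).digest()


def seal(volume, key):
    """Scanner side: compute one HMAC-SHA256 tag per slice."""
    return [_tag(key, i, len(volume), s) for i, s in enumerate(volume)]


def verify(volume, tags, key):
    """Viewer side: indices of slices that fail; [-1] if the count changed."""
    if len(volume) != len(tags):
        return [-1]
    return [i for i, (s, t) in enumerate(zip(volume, tags))
            if not hmac.compare_digest(_tag(key, i, len(volume), s), t)]


def tamper(volume, first, last):
    """Model an in-transit change to a small region of adjacent slices."""
    out = list(volume)
    for i in range(first, last + 1):
        changed = bytearray(out[i])
        changed[10:14] = b"\xff\xff\xff\xff"
        out[i] = bytes(changed)
    return out


if __name__ == "__main__":
    key = b"constructed-demo-key"  # assumption: shared out of band
    scan = make_volume(8)
    tags = seal(scan, key)
    print("clean scan   :", verify(scan, tags, key))
    print("altered scan :", verify(tamper(scan, 3, 5), tags, key))
```

A party on the network who also replaces the tags cannot produce valid ones without the key, so every slice then fails verification.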
The researchers tested the effectiveness of the attack by asking radiologists to analyse a combination of 30 original CT scans and 70 altered scans. The malware inserted evidence of malignant cancer into the scans of healthy patients and removed the signs of it from the scans of cancer patients. As a result, the researchers managed to fool a well-known lung cancer screening institute in each one of the tests.
Such an attack can have dangerous implications. If performed at scale, it can result in patients receiving the wrong treatment, misuse of insurance funds, medical terrorism and the destruction of renowned research centres. If the attack is used to tamper with a political candidate's CT scan, it can make the candidate withdraw from the electoral campaign.
This method can be applied to various conditions such as heart disease, blood clots, infections and torn ligaments. The complete details have been published in this paper by the researchers.