CT, MRI machines face the greatest risk of cyberattack, researchers warn
Core medical equipment including CT and MRI machines remain vulnerable to cyberattacks, researchers have warned.
It was first back in 2012 when a security researcher highlighted the importance of securing not only our PCs but also our connected medical devices after it was found that bugs in transmitters could be exploited to deliver lethal shocks to pacemakers.
In the following years, thousands of medical devices have been found to be open to exploit online, and it was only last year that the US Food and Drug Administration (FDA) issued a “voluntary recall” for Abbott pacemakers, formerly of St. Jude, to update firmware against attacks which could drain battery life, allow changes in programmed settings, or even change the beats and rhythm of the device.
Now, researchers from Ben-Gurion University in Beersheba, Israel, have issued a new report warning medical professionals that this issue is not being taken as seriously as it should—especially as vulnerable devices can place patient health and, potentially, lives at risk.
The report explores how Medical Imaging Devices (MIDs), such as Magnetic Resonance Imaging (MRI) or Computed Tomography (CT) systems are becoming increasingly vulnerable to cyberattacks.
These devices are commonly connected to hospital networks, and with this connectivity, an avenue is carved for cyberattackers to exploit vulnerabilities in outdated firmware.
Vulnerable MIDs may result in attacks which “target the devices’ infrastructure and components, which can disrupt digital patient records, and potentially jeopardize patients’ health,” according to the researchers.
The team believes that attacks on MIDs are going to increase as vulnerabilities are uncovered in more and more medical devices, and as we’ve already seen, attackers have no qualms when it comes to targeting hospitals.
The paper includes a survey of organizations in the healthcare industry and their risk of compromise due to cyberattacks. The researchers concluded that MID machines “face the greatest risk” due to their “pivotal role in acute care imaging.”
Ransomware remains a key issue, according to the paper. Hospitals in the U.K. and U.S. have already fallen prey to this malware and in many cases, will pay the blackmail demand, rather than disrupt services further.
Ransomware attacks have proven to be successful against hospitals, and it may be that in the future, MIDs will become blocked or disabled as part of ransomware campaigns.
Ransomware is not the only issue at hand, however, as the team believes there are more attack vectors which could pose a serious risk to patient health.
These include tampering with parameter values to alter radiation levels, changing the pitch of machines to disrupt MID mechanics, disrupting scan signals to manipulate scans, and denial-of-service (DoS) attacks that can prevent machines being used at all.
Hospitals and regulators must come together to prevent what may be fatalities in the healthcare sector one day, should attacks continue.