A new piece of malware capable of altering the results of medical scans has been developed by a group of researchers at the Ben-Gurion University’s cybersecurity center. The malicious software, which can affect CAT and MRI scanners, is able to add fake cancerous tumors to medical results, fooling doctors, and potentially causing serious problems in medical institutions.
How the new malware works
In the tests carried out by the laboratory, the malware managed to alter 70 images, which tricked three radiologists into believing that the patients had cancer. The researchers were also able to trick automated screening systems.
The malware was able to add tumors to images of lungs taken with MRI and CAT scanners. It can also remove tumors from images that actually had them, to prevent patients from receiving the necessary treatment.
During the experiment, the researchers used images of lungs, but have said that it would be possible to tune the malware to produce other fake illnesses, such as brain tumors, blood clots, fractures, or even spinal problems.
According to the researchers, one of the security flaws that facilitated this attack is the lack of digital signatures and encryption on such images. If these security measures are not applied to an image, it is much harder to spot whether any modifications have been made.
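The kind of integrity check whose absence the researchers point to, as an added example (not code from the article or from the researchers). It uses an HMAC with a shared key as a stand-in for a digital signature, and the slice names, key and function names are hypothetical.

```python
import hashlib
import hmac
import json

def slice_digest(pixels: bytes) -> str:
    return hashlib.sha256(pixels).hexdigest()

def manifest_mac(digests: dict, key: bytes) -> bytes:
    # Canonical JSON so the same digests always yield the same MAC input.
    body = json.dumps(digests, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest().encode()

def seal_series(slices: dict, key: bytes) -> dict:
    """At acquisition: record a digest per slice and authenticate the whole list."""
    digests = {name: slice_digest(data) for name, data in slices.items()}
    return {"digests": digests, "tag": manifest_mac(digests, key).decode()}

def verify_series(slices: dict, manifest: dict, key: bytes) -> dict:
    """Before reading: report slices altered, dropped or added since sealing."""
    digests = manifest.get("digests", {})
    tag = str(manifest.get("tag", "")).encode()
    report = {"manifest_ok": hmac.compare_digest(manifest_mac(digests, key), tag),
              "modified": [], "missing": [], "unexpected": []}
    if not report["manifest_ok"]:
        return report  # digests cannot be trusted, so do not compare against them
    for name, expected in digests.items():
        if name not in slices:
            report["missing"].append(name)
        elif slice_digest(slices[name]) != expected:
            report["modified"].append(name)
    report["unexpected"] = sorted(set(slices) - set(digests))
    return report

# Constructed sample: three tiny "slices" standing in for a scan series.
KEY = b"constructed-demo-key-not-for-production"
SERIES = {f"slice_{i:03d}": bytes([i]) * 64 for i in range(1, 4)}

if __name__ == "__main__":
    manifest = seal_series(SERIES, KEY)
    tampered = dict(SERIES)
    # Overwrite a small region of one slice, as an image-altering tool would.
    tampered["slice_002"] = SERIES["slice_002"][:20] + b"\xff" * 8 + SERIES["slice_002"][28:]
    print(verify_series(SERIES, manifest, KEY))
    print(verify_series(tampered, manifest, KEY))
```

Because the list of digests is itself authenticated, software that rewrites both a slice and its recorded digest without the key fails the manifest check.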
This malware was developed to show how easy it can be to evade the security measures applied to diagnostic equipment. The malware could theoretically be used to sow doubt about the health of political leaders, sabotage research, commit insurance fraud, or even as part of a terrorist attack.
Healthcare: a vulnerable industry
As the digital revolution continues to spread farther and farther, it seems that the healthcare sector is becoming especially vulnerable to cybersecurity problems. According to a Ponemon Institute study, the healthcare sector is the industry with the highest data breach costs: $408 per record, almost three times higher than the cross-industry average. What’s more, 77% of healthcare organizations in the USA have experienced some kind of security breach.
So, why are these organizations so vulnerable? Part of the reason is the fact that the records that they handle contain vast quantities of personal information. This of course is highly valuable to cybercriminals, who can use it for all sorts of reasons, such as carrying out targeted attacks, or simply selling it to the highest bidder.
What’s more, hospitals very often use relatively antiquated computers, along with obsolete protection systems.
Over the last few years, the sector has experienced such alarming attacks as the leaking of the personal data of 1.5 million patients in Singapore last year, or the WannaCry attacks, which cost the NHS almost £100 million (€115.82 million).
What can be done to protect against this kind of attack?
Luckily, this malware was developed in a laboratory environment, so it has never been used in a real attack. The security flaws that it reveals, however, are all too real. It’s therefore a very good idea for hospitals to strengthen their information encryption policies to stop cybercriminals gaining access to sensitive files.
Another vital component is an advanced cybersecurity solution. Panda Adaptive Defense 360 classifies absolutely every activity running on every endpoint. This guarantees that they are protected against known malware, and advanced threats such as zero days, advanced persistent threats, and targeted attacks. IT systems are thus protected against known threats, as well as against new threats, providing absolute control of every running process, and reducing the attack surface.
Another vital layer of security consists of modules created specifically to stop unauthorized parties from accessing, modifying or exfiltrating information. One such module is Panda Data Control. It discovers, audits and monitors unstructured personal and sensitive data on endpoints, from data at rest, to data in use and data in motion. Because there’s no such thing as too much security in an industry that handles its customers’ most vital data: that related to their health.
To find out more about the cybersecurity problems that the healthcare sector faces, as well as how hospitals and other organizations in the sector can protect themselves against all kinds of threats, download our whitepaper, The Cyber-Pandemic.