Cancer is a serious issue that affects millions of people around the world. This disease targets anyone from any country and background, effectively making it nature's "ultimate equalizer." The most common way to detect cancer is through CT and MRI scans that peer into the body and find cancerous lumps and tumors. What would happen if those machine's results were compromised or altered? What if they reported false positives and "found" cancer that wasn't there?
A Malware that Can Directly Affect Your Heal
A team of Israeli researchers claim to have developed just such a form of malware in order to draw attention to the security vulnerabilities in this imaging equipment. These vulnerabilities could have serious, potentially life-changing consequences if left unchecked.
The malware was created by Yisroel Mirsky, Yuval Elovici, and two of their companions at the Ben-Gurion University Cyber Security Research Center in Israel. They believe that attackers could potentially target politicians to make them believe that they are unable to continue the race.
How it Works
The malware has the power to add realistic-looking cancerous growths – or take them away – before a doctor is able to examine it. The result is a misdiagnosis and patients not getting the care they need in order to survive.
There's already proof that the concerns over tricking radiologists are grounded in reality. The researchers conducted a blind study where radiologists were presented with a mixture of CT scans that showed real and faked cancer. They believed the fake cancer was real 60% of the time and misdiagnosed cancer patients as being healthy 87% of the time.
The researchers developed the malware by using machine learning to train code to rapidly assess scans passing through the PACS network and adjust tumors to meet the unique dimensions and anatomy of a patient so that they looked realistic. The attack could be fully automated so that it operates by itself as soon as it is installed on a network. It can even be programmed to target specific patients.
Ways to Mitigate Infection
Hospitals can help to prevent the CT scans from being altered by enabling proper end-to-end encryption on their PACS network and digitally sign emails. Workstations should be configured to verify electronic signatures and flag any images that haven't been appropriately signed.
The radiologists involved in the study recommend that patients who showed signs of cancerous lung nodules should be referred to specialists. They suggested that at least a third of the patients have some form of surgery, including tissue biopsies. Performing that kind of surgery for someone who doesn't need it is a colossal waste of time and resources – not to mention a severe source of strain and anxiety for the patient.