CybersecurityBetter cybersecurity for Medical Imaging Devices (MIDs)
Ben Gurion University’s (BGU) Malware Lab researchers are warning medical imaging device (MID) manufacturers and healthcare providers to become more diligent in protecting medical imaging equipment from cyber threats. In a new paper, BGU researchers demonstrate the relative ease of exploiting unpatched medical devices, such as computed tomography (CT) and magnetic resonance imaging (MRI) machines, many of which do not receive ongoing security updates.
Report: CT scanners and MRI machines require regular security updates // Source: .wikispaces.com/yahoo.com
Ben Gurion University’s (BGU) Malware Lab researchers are warning medical imaging device (MID) manufacturers and healthcare providers to become more diligent in protecting medical imaging equipment from cyber threats.
In their new paper, BGU researchers demonstrate the relative ease of exploiting unpatched medical devices, such as computed tomography (CT) and magnetic resonance imaging (MRI) machines, many of which do not receive ongoing security updates.
Consequently, an attacker can easily compromise the computer that controls the CT device causing the CT to emit high rates of radiation, which can harm the patient and cause severe damage. Attackers can also block access to MIDs or disable them altogether as part of a ransom attack, which has already occurred worldwide.
This study is a new frontier in cyber security research. It is part of a large-scale research project called Cyber-Med, initiated by Dr. Nir Nissim, head of the Malware Lab at BGU’s Cyber Security Research Center (CSRC). Cyber-Med aims to develop security mechanisms for the entirety of medical devices’ ecosystems, including implanted pace-makers, robotic surgeon systems (e.g. da Vinci), medical information systems and protocols, ICU medical devices, and MIDs.
AABGU notes that in recent years, MIDs have become more connected to hospital networks, which make them vulnerable to sophisticated cyberattacks that can target a device’s infrastructure and components, as well as fatally jeopardize a patient’s health and the hospital systems operations.
The research was released ahead of the Cybertech Conference which runs through Wednesday, 31 January, at the Tel Aviv Fairgrounds. BGU is the conference’s academic partner. Cybertech is one of the largest cyber events worldwide, drawing thousands of guests and delegations from eighty countries.
Malware Lab experts predict attacks on MIDs will increase. They foresee attackers developing more sophisticated skills directed at these types of devices, the mechanics and software of which are often installed on outdated Microsoft PCs.
