[HEALTH] A fictitious attack demonstrates security vulnerabilities in hospitals

      Israeli security researchers carried out a cyber-attack against a hospital in order to demonstrate the lack of security related to medical imaging equipment. Security researchers have created malicious software capable of distorting “CT and MRI scanners“. Their objective is to demonstrate that hospitals are vulnerable to cyber-attacks, particularly medical imaging equipment. This demonstration makes sense since 40% of the attacks of the “OrangeWorm hacker group are directed at the health sector”.

The software was created by experts from the Ben Gurion University Cybersecurity Research Centre to highlight hospitals’ lax methods of dealing with personal data. During the test phase, a radiologist was present to diagnose infestations via a lung CT scan. The software had modified the scanner in order to mislead the radiologist and without his knowledge, the radiologist diagnosed 99% cancer. Once the effects of the software were removed, a new diagnosis announced that health was 94% healthy.

The study was based solely on lung scans, but according to the researchers, it could also work on brain tumours, heart disease or fractures. This demonstration highlighted the breach of confidentiality and data that can be corrupted and shared with other hospitals or doctors.