Hackers Can Target CT, MRI Scanners & Manipulate Scan Results
This is startling indeed- Hackers can infect CT, MRI scanners with the virus, manipulate scan results and create or erase cancer nodes as well.
Cybersecurity experts in Israel have found in CT and MRI scanners vulnerabilities that could help cybercriminals hack the scanners and cause scan result manipulation, which could eventually lead to misdiagnosis.
A group of experts at the Ben-Gurion University Cyber Security Labs in Israel, led by Yisroel Mirsky and Yuval Elovici have reportedly found that vulnerabilities in CT and MRI scan could be exploited by malicious actors to add fake cancer nodes or even cause a real tumor to be erased in a resultant scan copy. The researchers conducted a blind test and were able to create and erase cancerous nodes in the CT scan of a patient suffering from lung cancer. Even experienced radiologists believed that the scan copy, which was manipulated and fake, was genuine, thereby leading them to misdiagnose the patient’s physical condition.
IBTimes (International Business Times) reports- “In the blind test conducted by Yisroel Mirsky, Yuval Elovici and two others of the Cyber Security Labs at the Ben-Gurion University in Israel were able to create and also erase cancerous nodes in CT scan of a lung cancer patient. The most dangerous aspect was most of the experienced radiologists believed the scan copy was genuine and leading them to misdiagnose the patient’s condition.”
The report further says, “Security experts then went ahead by revealing the concerned medical experts that CT scanned copy was fabricated and gave them another copy of fake CT scan and again around 60-percent of them misdiagnosed the case study.”
Hackers can thus exploit the vulnerability to create fake cancerous nodes or erase real ones on the lungs, the brain, bones, spine, etc. They could manipulate results pertaining to spinal injuries, arthritis, ligament injuries, bone fractures, heart diseases, and many serious medical conditions.
The hackers point out that hackers manage to change 3D body scans in real time by using a MITM (Man-in-the-Middle) device comprising a simple Raspberry Pi 3 series computer with network bridge set up, a Wi-Fi access point and a cancer injection/removal application software installed in it and placing this MITM device near an unguarded scanner. The MITM device would intercept and manipulate data in real time.
The researchers who have discovered the vulnerability point out that this is a very serious issue, one that could have grave consequences. The IBTimes report says, “Yisroel Mirsky, Yuval Elovici and the team have shown concern that hackers with medical knowledge may misuse it to harm, if not kill important global personalities, as doctors will most likely fail to recognize the underlying condition.”
Kevin Jones949 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.