Terrifying Malware Alters CT Scans To Look Like Cancer, Fools Radiologists

CT scans are essential tools that help medical practitioners detect various medical conditions. Healthcare providers rely on the accuracy of these technologies, because a misdiagnosis could prove fatal. Unfortunately, this vital technology is vulnerable to hackers. Researchers recently designed malware that can add or take away fake cancerous nodules from CT and MRI scans.

Researchers at the University Cyber Security Research Center in Israel developed malware that can modify CT and MRI scans. During their research, they showed radiologists real lung CT scans, 70 of which had been altered. At least three radiologists were fooled nearly every time.

ct scan brain tumor
A CT Scan of a brain trauma. Image from Rehman T, Ali R, Tawil I, and Yonas H via Wikimedia Commons

The radiologists diagnosed cancer 99% when presented with images with added nodules and declared a patient to be healthy 94% when presented with scans where real nodules had been removed. The radiologists continued to misinterpret the scans even when told that some of them were fake. The malware even managed to fool other lung cancer screening software. This particular study focused on CT scans of lungs, but it is believed that the malware would work on a variety of CT and MRI scans.

How were these researchers able to alter the CT scans? CT and MRI scans are transmitted through picture archiving and communication systems (PACS). Hospitals typically do not digitally sign their scans and PACS are frequently unencrypted. Many hospitals believe that hackers cannot access their internal networks and therefore do not bother with encryption. Researcher Yisroel Mirsky noted hospitals are very concerned about privacy but, “what happens within the [hospital] system itself, which no regular person should have access to in general, they tend to be pretty lenient [about]. It’s not ... that they don’t care. It’s just that their priorities are set elsewhere.”

Unfortunately, many PACS are still connected to the Internet or can be accessed through other connected hospital devices. Hackers could potentially insert the malware once connected. PACS encryption technology does exist, but it is generally incompatible with older PACS networks.

It is never fun to be a victim of malware, but it can be particularly dangerous when that malware could lead to a disastrous misdiagnosis. The goal of the study was to bring attention to CT and MRI machine vulnerabilities. The researchers hope that hospitals will begin to enable end-to-end encryption on their PACS networks to prevent such dangerous attacks.

Image credit: Wikimedia Commons Author