Greg Freiherr, Industry Consultant
Greg Freiherr, Industry Consultant

Greg Freiherr has reported on developments in radiology since 1983. He runs the consulting service, The Freiherr Group.

Blog | Greg Freiherr, Industry Consultant | Cybersecurity | February 04, 2019

How to Boost Cybersecurity in Medical Imaging

Cyber hackers pose a worsening threat to radiology and the rest of medical imaging. This risk might be reduced, however, by applying best practices developed by professional organizations such as HIMSS (Healthcare Information and Management Systems Society) and government agencies such as HHS (Health and Human Services) and NIST (National Institute of Standards).

This help is coming none too soon, according to Axel Wirth, distinguished technical architect at Symantec and one of the world’s foremost authorities on cybersecurity.

“Attacks are not only becoming more frequent and more sophisticated but they are also becoming much more malicious and purposeful,” said Wirth in an ITN podcast on cybersecurity in medical imaging and health care.

Wirth, who has spoken often on health IT topics, including medical device cyber safety, will deliver the keynote speech February 11 at the Cybersecurity forum during the annual HIMSS convention in Orlando.

 

Why Hackers Target Medical Imaging

Medical imaging presents easy targets to attackers. This is one of the prime reasons it has been attacked, Wirth said during ITN’s podcast on cybersecurity. Scanners “and things like PACS and PACS workstations were exploited by attackers as a beachhead,” Wirth said in the podcast, noting that cyber attacks on imaging equipment and imaging networks have been done to access “higher valued information.”

But cyber attackers may also target medical imaging and health care for other reasons, he said. Nation states and nation-sponsored groups may be after information about the design of medical devices and formularies for new pharmaceuticals, as well as clinical trial data.

Or they may use malware to encrypt patient data, and then offer to sell the decryption code to victims. Health care is not the only industry susceptible to ransomware, but it is especially vulnerable. Wirth said, “I can’t tell a patient that arrives in the emergency room with chest pain that unfortunately we are dealing with a cyber attack: ‘Can you come back next week?’ ”

The good news is that cybersecurity in health care is maturing “at a fairly rapid pace,” Wirth said in the podcast. The key to continuing that pace is making sure cybersecurity is applied throughout health care — “not just (to) a few select thought leaders and large hospitals.”

 

Where To Find Best Practices in Cybersecurity

An HHS document detailing cybersecurity practices in health care notes the cybersecurity risks and how different size practices might address them. “What is good about this document is that they really broke it down, based on size … and maturity of the organization,” said Wirth, who cited similarly crafted HIMSS guidances “for various types of organizations based on size and maturity level.”

Wirth also cited a NIST publication that establishes a generic cybersecurity framework.  “Different industries and individual organizations (can) take that framework, adapt it to their needs and circumstances, and then develop a roadmap for a path to security,” he said.

As the interconnectivity of medical imaging increases due to cloud computing, analytics and data storage, as well as the expansion of enterprise imaging, the threat from cyber criminals is growing. “More connectivity always creates more opportunity (for cyber attackers),” Wirth said.

In the podcast, Wirth describes steps that providers might take in concert with equipment manufacturers to counter this rising threat. Some “would depend on the type of equipment you are purchasing,” he said.  In the podcast, he contrasts how considerations differ when purchasing ultrasound scanners, for example, versus PET/CTs.

 

Additional Reading:

FDA and DHS Expand Partnership on Medical Device Cybersecurity 

How To Stop (Or Slow) Hackers 

Agents of Change: Cybersecurity In A World Of Old And New 

 

Greg Freiherr is a contributing editor for Imaging Technology News (ITN). Over the past three decades, Freiherr has served as business and technology editor for publications in medical imaging, as well as consulted for vendors, professional organizations, academia and financial institutions.

 

Editor's note: In preparation for the upcoming HIMSS (Healthcare Information and Management Systems Society) Conference on Feb. 11, contributing editor Greg Freiherr begins the show coverage with this exclusive podcast and accompanying blog. This is the first podcast in a series of three.

Related Content

#COVID19 #Coronavirus #2019nCoV #Wuhanvirus #SARScov2

Getty Images

Feature | Coronavirus (COVID-19) | April 03, 2020 | By Melinda Taschetta-Millane and Dave Fornell
In an effort to keep the imaging field updated on the latest information being released on coronavirus (COVID-19), th
Recommended best practices for nuclear imaging departments under the COVIF-19 pandemic have been issues by the ASNC and SNMMI. #COVID19 #ASNC #SNMMI #Coronavirus #SARScov2
News | Coronavirus (COVID-19) | April 03, 2020
April 3, 2020 — A new guidance document on best practices to maintain safety and minimize contamination in nuclear im
Jeannie Danker, M.D. #COVID19 #Coronavirus #2019nCoV #Wuhanvirus #SARScov2

Jeannie Danker, M.D. Photo courtesy of The Ohio State University Wexner Medical Center

News | Coronavirus (COVID-19) | April 03, 2020 | By Melinda Taschetta-Millane
April 3, 2020 — The radiology world has lost a dedicated leader due to...
An estimated 44 million people worldwide are currently living with Alzheimer’s disease, the most common form of dementia. About 5.8 million people in the United States live with the disease, where it is the sixth leading cause of death overall. While there is not yet a cure for Alzheimer’s, researchers are working to find treatment options to delay its onset and prevent it from developing.

Image courtesy of Insightec

Feature | Ultrasound Imaging | April 02, 2020 | By Katie Caron
An estimated 44 million people worldwide are currently living with...
An example of Philips’ TrueVue technology, which offers photo-realistic rendering and the ability to change the location of the lighting source on 3-D ultrasound images. In this example of two Amplazer transcatheter septal occluder devices in the heart, the operator demonstrating the product was able to push the lighting source behind the devices into the other chamber of the heart. This illuminated a hole that was still present that the occluders did not seal.

An example of Philips’ TrueVue technology, which offers photo-realistic rendering and the ability to change the location of the lighting source on 3-D ultrasound images. In this example of two Amplazer transcatheter septal occluder devices in the heart, the operator demonstrating the product was able to push the lighting source behind the devices into the other chamber of the heart. This illuminated a hole that was still present that the occluders did not seal. Photo by Dave Fornell

Feature | Radiology Imaging | April 02, 2020 | By Katie Caron
A new year — and decade — offers the opportunity to reflect on the advancements and challenges of years gone by and p
#COVID19 #Coronavirus #2019nCoV #Wuhanvirus

Getty Images

Feature | Coronavirus (COVID-19) | April 02, 2020 | Jilan Liu and HIMSS Greater China Team
Information technologies have played a pivotal role in China’s response to the novel coronavirus...
#COVID19 #Coronavirus #2019nCoV #Wuhanvirus #SARScov2 Esaote won a tender launched by Consip on behalf of Civil Protection for the distribution of diagnostic equipment in Italy to face COVID-19 emergency.

Esaote won a tender launched by Consip on behalf of Civil Protection for the distribution of diagnostic equipment in Italy to face COVID-19 emergency.

News | Ultrasound Imaging | April 02, 2020
April 2, 2020 — Esaote, an Italian company among the world leader
#COVID19 #Coronavirus #2019nCoV #Wuhanvirus #SARScov2 Updated CT scoring criteria from AJR considers both lobe involvement and changes in CT findings to quantitatively and accurately evaluate the progression of COVID-19 pneumonia

CT scoring criteria were applied to images from sequential chest CT examinations. A, Initial chest CT image obtained 2 days after onset of symptoms shows small region of subpleural ground-glass opacities in right lower lobe, for CT score of 1. B, Chest CT image obtained on day 3 of treatment shows slightly enlarged region of subpleural ground-glass opacities with partial crazy-paving pattern and consolidation, for CT score of 3. C, Chest CT image obtained on day 5 of treatment shows partial resolution of consolidation, for CT score of 2. D, Chest CT image obtained on day 14 of treatment shows continued resolution of consolidation with minimal residual ground-glass opacities, for CT score of 1. Image courtesy of American Journal of Roentgenology (AJR)

News | Computed Tomography (CT) | April 02, 2020
April 2, 2020 — Updated computed t...
Improvised PPE face mask worn by a radiology technologist during rounds atSen. Gerardo M. Roxas Memorial District Hospital in Iloilo City, Philippines. #COVID19 #Coronavirus #SARScov2

Improvised PPE face mask worn by a radiology technologist during rounds at Sen. Gerardo M. Roxas Memorial District Hospital in Iloilo City, Philippines.

Feature | Coronavirus (COVID-19) | April 02, 2020 | Dave Fornell, Editor
There has been an extraordinary demand for personal protective equipment (PPE) with the rapid spread of the novel ...
#COVID19 #Coronavirus #2019nCoV #Wuhanvirus #SARScov2 New studies use SIRD model to forecast COVID-19 spread; examine patient CT scans to correlate clinical features with mortality

Fig 1. A sample scoring on CT images of a 63-year-old woman from mortality group demonstrated a total score of 63. It was calculated as: for upper zone (A), 3 (consolidation) × 3 (50–75% distribution) × 2 (both right and left lungs) + 2 (ground glass opacity) ×1 (< 25% distribution) × 2 (both right and left lungs); for middle zone (B), 3 (consolidation) × 2 (25–50% distribution) × 2 (both right and left lungs) + 2 (ground glass opacity) × 2 (25–50% distribution) × 2 (both right and left lungs); for lower zone (C), 3 (consolidation) × (2 (25–50% distribution of the right lung) + 3 (50–75% distribution of the left lung)) + 2 (ground glass opacity) × (2 (25–50% distribution of the right lung) + 1 (< 25% distribution of the left lung)) Yuan et al, 2020 (CC BY 4.0)

News | Coronavirus (COVID-19) | April 01, 2020
April 1, 2020 — A new study, ...