Greg Freiherr has reported on developments in radiology since 1983. He runs the consulting service, The Freiherr Group.

Blog | Cybersecurity | October 05, 2018

How To Stop (Or Slow) Hackers

cybersecurity

Like low-hanging cyber fruit, hospitals are ripe for plucking. And hackers have already started the harvest.

A 12-month analysis of cyberattacks by enterprise security company Proofpoint found that ransomware, which keeps legitimate users from accessing the data on their systems until ransom is paid for their release, is shutting down emergency rooms. The analysis also found that phishing schemes using emails are defrauding patients and providers.

Cybercriminals have done much of the damage. But they are not the only ones to fear. Nation states have attacked other segments of American society. Look no further than the hack by North Korea of Sony Pictures (see “North Korean hackers sanctioned, facing charges for Sony hack, Wannacry ransomware attack,” CNBC) and concerns about potential hacking of the 2018 midterm elections (“Election hacking: security upgrades are too little, too late for 2018 midterms and race is already on for 2020, experts say,” Newsweek) for proof of that. Terrorists pose a special threat, as their sole purpose is to create fear.

So concerned about hacking was Dick Cheney in 2007 that the vice president disabled the wireless feature of his implanted defibrillator. Cheney was worried, according to CBS News, that “a terrorist could assassinate the vice president by sending a signal to the device.” A similarly nightmarish scenario would be terrorist-controlled CT scanners or linear accelerators that deliver excessive doses of radiation.

Ironically, healthcare seems less concerned about hackers and more about achieving the tenets of value-based medicine. Its focus on improving patient experience and reducing cost has pushed cybersecurity down the list of spending priorities when it should be rising.

 

Not What Was Hoped

How can hackers be stopped — or at least slowed down? First, cyberthreats have to be seen for what they are. This means recognizing that the machines most vulnerable to hacking are the most modern ones. The heightened vulnerability comes from their increased use of digital technology, which offers hackers more possible entry points. (An exception is equipment that runs old versions of operating systems. These are vulnerable, if security patches are not applied, a circumstance that commonly happens when OS versions are no longer supported.)

Second, the operators of digital imaging devices must see that connecting to the internet increases vulnerability. This risk already exists and will grow more severe in the near future. A massive expansion of device connectivity will come with 5G, the next generation of wireless technology, which promises speeds beginning at 20 times those of 4G. Imagine 5G towers beaming high-speed internet directly to medical devices, making the internet connections free from routers and conventional Wi-Fi that might be leveraged to provide some protection.

 

Fighting Off Cyberattacks

So how can the imaging industry protect against cyberattacks now and in the future? One way, according to a NEMA/MITA white paper published three years ago, is to adopt best practices.

For manufacturers that means making user interfaces simple yet secure. One key, according to NEMA/MITA, is to require multifactorial authentication, such as a password and a biometric identifier.

Another is to use firewalls that restrict access to radiological devices. By monitoring and controlling network traffic, firewalls can put up barriers between trusted internal networks and untrusted external networks, such as the internet.

A third approach, called the 3-2-1 rule, has been gaining traction lately among cybersecurity professionals. This rule states that every piece of critical data should have three copies; stored on at least two different types of media; with at least one medium away from where the data are primarily stored. Cloud-based storage (see “How Two Providers Use The Cloud To Prepare For Disaster”) is one of these media.

Although the imaging industry is making use of the cloud, just using the cloud is not enough. Sites may use cloud storage as the primary or even sole means of storing data. While affording some protection, this kind of cloud-based strategy undoes the benefits of the 3-2-1 rule.

A fourth possibility for defending against cyberattack is penetration testing. This practice, commonly referred to as “red teaming,” is similar to the child’s game “Capture the Flag.” As used in cybersecurity, the red team attempts to access data, while another defends against the attack.

The process might be preceded by “tabletop exercises.” In these a consulting firm may describe the hypothetical scenario of a cyberattack to the leaders of a hospital. Sitting in the relative safety of a conference room, the chief information security officer, others from the C-suite and a few hand-picked IT folks might be asked how they would respond. The intent behind such exercises is simply to expose vulnerabilities and sensitize the client to existing dangers.

At the other end of the spectrum are field exercises in which white hatters, so called because they are “good” hackers, attack a network to probe its defenses. This may reveal actual vulnerabilities that could be exploited by hackers with nefarious intent. But, if a white hatter turns black and takes the opportunity to attack the network rather than probe it, the process can go south quickly. This is why red team members must be carefully vetted, if probing attacks are to be carried out.

 

High Stakes

The healthcare industry must be prepared for hack attacks, cybersecurity experts agree. The very essence of value-based medicine hangs in the balance. How can patients be safe and their needs met, if they and their data are not safe?

Unfortunately, no digital device can be made 100 percent safe from attack. Phishing, in which emails sent to staffers unleash malware, presents a continuing threat. Only training and an ever-vigilant staff can keep phishing attempts from succeeding.

And, unfortunately, digital imaging devices are vulnerable, even when they are not connected to the Internet. All it may take is someone with an ax to grind or a digital vandal (akin to the folks who “tag” train cars and buildings) to slide a malware-ridden USB drive into a computer connected to a medical data network. For this reason, the best defense, according to cybersecurity experts, is a robust data management system, one that can persist even when attacked.

Such a system may have resident software that looks for and shuts down unauthorized access, one that uses multifactorial authentication to spot intruders, for example. It may involve the use of multiple copies of data on different media, such as the cloud. Or it may depend on the digital equivalent of whistling past the graveyard.

Cybersecurity experts do not recommend the latter.


Related Content

News | Artificial Intelligence

June 7, 2023 — Riverain Technologies, a medical device company revolutionizing chest imaging interpretation with Clear ...

Time June 07, 2023
arrow
News | Radiation Oncology

June 5, 2023 — Volpara Health Technologies Ltd. announces its founding membership in CancerX, a public-private ...

Time June 05, 2023
arrow
News | Enterprise Imaging

June 1, 2023 — aycan, a recognized worldwide leader in medical imaging, released aycan workstation 4.00 earlier this ...

Time June 01, 2023
arrow
Feature | Radiology Imaging | By Melinda Taschetta-Millane

It's been a fruitful month for itnonline.com! Here's a look at what ITN viewers found to be most interesting during the ...

Time June 01, 2023
arrow
News | Artificial Intelligence

May 31, 2023 — GE HealthCare announced US FDA 510(k) clearance of Precision DL – a new, revolutionary deep learning ...

Time May 31, 2023
arrow
News | Radiation Oncology

May 31, 2023 — Elekta announced the launch of the first phase of Elekta ONE*, its most comprehensive and advanced ...

Time May 31, 2023
arrow
News | Radiology Business

May 26, 2023 — HIMSS has appointed two technology executives at the helm as chair and vice chair of the HIMSS Board of ...

Time May 26, 2023
arrow
News | Artificial Intelligence

May 24, 2023 — Since the launch of ChatGPT in November 2022, the use of large language models (LLMs) powered by ...

Time May 24, 2023
arrow
News | Radiology Business

May 23, 2023 — Intelerad Medical Systems, a leading global provider of enterprise medical imaging solutions, announced ...

Time May 23, 2023
arrow
News | Artificial Intelligence

May 19, 2023 — The latest version of ChatGPT passed a radiology board-style exam, highlighting the potential of large ...

Time May 19, 2023
arrow
Subscribe Now