Greg Freiherr, Industry Consultant
Greg Freiherr, Industry Consultant

Greg Freiherr has reported on developments in radiology since 1983. He runs the consulting service, The Freiherr Group.

Blog | Greg Freiherr, Industry Consultant | Cybersecurity| October 05, 2018

How To Stop (Or Slow) Hackers

cybersecurity

Like low-hanging cyber fruit, hospitals are ripe for plucking. And hackers have already started the harvest.

A 12-month analysis of cyberattacks by enterprise security company Proofpoint found that ransomware, which keeps legitimate users from accessing the data on their systems until ransom is paid for their release, is shutting down emergency rooms. The analysis also found that phishing schemes using emails are defrauding patients and providers.

Cybercriminals have done much of the damage. But they are not the only ones to fear. Nation states have attacked other segments of American society. Look no further than the hack by North Korea of Sony Pictures (see “North Korean hackers sanctioned, facing charges for Sony hack, Wannacry ransomware attack,” CNBC) and concerns about potential hacking of the 2018 midterm elections (“Election hacking: security upgrades are too little, too late for 2018 midterms and race is already on for 2020, experts say,” Newsweek) for proof of that. Terrorists pose a special threat, as their sole purpose is to create fear.

So concerned about hacking was Dick Cheney in 2007 that the vice president disabled the wireless feature of his implanted defibrillator. Cheney was worried, according to CBS News, that “a terrorist could assassinate the vice president by sending a signal to the device.” A similarly nightmarish scenario would be terrorist-controlled CT scanners or linear accelerators that deliver excessive doses of radiation.

Ironically, healthcare seems less concerned about hackers and more about achieving the tenets of value-based medicine. Its focus on improving patient experience and reducing cost has pushed cybersecurity down the list of spending priorities when it should be rising.

 

Not What Was Hoped

How can hackers be stopped — or at least slowed down? First, cyberthreats have to be seen for what they are. This means recognizing that the machines most vulnerable to hacking are the most modern ones. The heightened vulnerability comes from their increased use of digital technology, which offers hackers more possible entry points. (An exception is equipment that runs old versions of operating systems. These are vulnerable, if security patches are not applied, a circumstance that commonly happens when OS versions are no longer supported.)

Second, the operators of digital imaging devices must see that connecting to the internet increases vulnerability. This risk already exists and will grow more severe in the near future. A massive expansion of device connectivity will come with 5G, the next generation of wireless technology, which promises speeds beginning at 20 times those of 4G. Imagine 5G towers beaming high-speed internet directly to medical devices, making the internet connections free from routers and conventional Wi-Fi that might be leveraged to provide some protection.

 

Fighting Off Cyberattacks

So how can the imaging industry protect against cyberattacks now and in the future? One way, according to a NEMA/MITA white paper published three years ago, is to adopt best practices.

For manufacturers that means making user interfaces simple yet secure. One key, according to NEMA/MITA, is to require multifactorial authentication, such as a password and a biometric identifier.

Another is to use firewalls that restrict access to radiological devices. By monitoring and controlling network traffic, firewalls can put up barriers between trusted internal networks and untrusted external networks, such as the internet.

A third approach, called the 3-2-1 rule, has been gaining traction lately among cybersecurity professionals. This rule states that every piece of critical data should have three copies; stored on at least two different types of media; with at least one medium away from where the data are primarily stored. Cloud-based storage (see “How Two Providers Use The Cloud To Prepare For Disaster”) is one of these media.

Although the imaging industry is making use of the cloud, just using the cloud is not enough. Sites may use cloud storage as the primary or even sole means of storing data. While affording some protection, this kind of cloud-based strategy undoes the benefits of the 3-2-1 rule.

A fourth possibility for defending against cyberattack is penetration testing. This practice, commonly referred to as “red teaming,” is similar to the child’s game “Capture the Flag.” As used in cybersecurity, the red team attempts to access data, while another defends against the attack.

The process might be preceded by “tabletop exercises.” In these a consulting firm may describe the hypothetical scenario of a cyberattack to the leaders of a hospital. Sitting in the relative safety of a conference room, the chief information security officer, others from the C-suite and a few hand-picked IT folks might be asked how they would respond. The intent behind such exercises is simply to expose vulnerabilities and sensitize the client to existing dangers.

At the other end of the spectrum are field exercises in which white hatters, so called because they are “good” hackers, attack a network to probe its defenses. This may reveal actual vulnerabilities that could be exploited by hackers with nefarious intent. But, if a white hatter turns black and takes the opportunity to attack the network rather than probe it, the process can go south quickly. This is why red team members must be carefully vetted, if probing attacks are to be carried out.

 

High Stakes

The healthcare industry must be prepared for hack attacks, cybersecurity experts agree. The very essence of value-based medicine hangs in the balance. How can patients be safe and their needs met, if they and their data are not safe?

Unfortunately, no digital device can be made 100 percent safe from attack. Phishing, in which emails sent to staffers unleash malware, presents a continuing threat. Only training and an ever-vigilant staff can keep phishing attempts from succeeding.

And, unfortunately, digital imaging devices are vulnerable, even when they are not connected to the Internet. All it may take is someone with an ax to grind or a digital vandal (akin to the folks who “tag” train cars and buildings) to slide a malware-ridden USB drive into a computer connected to a medical data network. For this reason, the best defense, according to cybersecurity experts, is a robust data management system, one that can persist even when attacked.

Such a system may have resident software that looks for and shuts down unauthorized access, one that uses multifactorial authentication to spot intruders, for example. It may involve the use of multiple copies of data on different media, such as the cloud. Or it may depend on the digital equivalent of whistling past the graveyard.

Cybersecurity experts do not recommend the latter.

Related Content

Welch Road Imaging Integrates RamSoft PowerServer RIS/PACS With openDoctor
News | PACS Accessories | February 20, 2019
Welch Road Imaging in California recently became the first RamSoft customer to integrate openDoctor with its...
Sponsored Content | Videos | Enterprise Imaging | February 20, 2019
At RSNA 2018, Philips Healthcare introduced Performance Bridge as an integral part of its IntelliSpace Enterprise Edi
Amazon Comprehend Medical Brings Medical Language Processing to Healthcare
News | Artificial Intelligence | February 15, 2019
Amazon recently announced Amazon Comprehend Medical, a new HIPAA-eligible machine learning service that allows...
Fujifilm Exhibits Enterprise Imaging Solutions and Artificial Intelligence Initiative at HIMSS 2019
News | Enterprise Imaging | February 15, 2019
Fujifilm Medical Systems U.S.A. Inc. and Fujifilm SonoSite Inc. showcased their enterprise imaging and informatics...
IBM Watson Health Announces New AI Collaborations With Leading Medical Centers
News | Artificial Intelligence | February 14, 2019
IBM Watson Health announced plans to make a 10-year, $50 million investment in research collaborations with two...
Medivis Launches SurgicalAR Augmented Reality Platform
Technology | Advanced Visualization | February 14, 2019
Medical imaging and visualization company Medivis officially unveiled SurgicalAR, its augmented reality (AR) technology...
Office of the National Coordinator Releases Proposed Rule on Healthcare Data Interoperability
News | Information Technology | February 14, 2019
The U.S. Department of Health and Human Services (HHS) has proposed a new rule to support seamless and secure access,...
Siemens Healthineers Demonstrates Artificial Intelligence, Healthcare Digitalization at HIMSS19
News | Artificial Intelligence | February 13, 2019
February 13, 2019 — At the 2019 Healthcare Information and Management Systems Society (HIMSS) global conference and e
PaxeraHealth Launching Universal Image Sharing Platform at ECR 2019
News | PACS Accessories | February 13, 2019
PaxeraHealth will launch the PaxeraShare image sharing platform at the 2019 European Congress of Radiology (ECR) annual...
NVIDIA Explores Role of AI, Analytics and Virtualization in Healthcare at HIMSS19
News | Artificial Intelligence | February 13, 2019
Digital technology company NVIDIA will highlight its newest partnerships to advance the digital transformation of...