Greg Freiherr, Industry Consultant
Greg Freiherr, Industry Consultant

Greg Freiherr has reported on developments in radiology since 1983. He runs the consulting service, The Freiherr Group.

Blog | Greg Freiherr, Industry Consultant | Cybersecurity | October 05, 2018

How To Stop (Or Slow) Hackers

cybersecurity

Like low-hanging cyber fruit, hospitals are ripe for plucking. And hackers have already started the harvest.

A 12-month analysis of cyberattacks by enterprise security company Proofpoint found that ransomware, which keeps legitimate users from accessing the data on their systems until ransom is paid for their release, is shutting down emergency rooms. The analysis also found that phishing schemes using emails are defrauding patients and providers.

Cybercriminals have done much of the damage. But they are not the only ones to fear. Nation states have attacked other segments of American society. Look no further than the hack by North Korea of Sony Pictures (see “North Korean hackers sanctioned, facing charges for Sony hack, Wannacry ransomware attack,” CNBC) and concerns about potential hacking of the 2018 midterm elections (“Election hacking: security upgrades are too little, too late for 2018 midterms and race is already on for 2020, experts say,” Newsweek) for proof of that. Terrorists pose a special threat, as their sole purpose is to create fear.

So concerned about hacking was Dick Cheney in 2007 that the vice president disabled the wireless feature of his implanted defibrillator. Cheney was worried, according to CBS News, that “a terrorist could assassinate the vice president by sending a signal to the device.” A similarly nightmarish scenario would be terrorist-controlled CT scanners or linear accelerators that deliver excessive doses of radiation.

Ironically, healthcare seems less concerned about hackers and more about achieving the tenets of value-based medicine. Its focus on improving patient experience and reducing cost has pushed cybersecurity down the list of spending priorities when it should be rising.

 

Not What Was Hoped

How can hackers be stopped — or at least slowed down? First, cyberthreats have to be seen for what they are. This means recognizing that the machines most vulnerable to hacking are the most modern ones. The heightened vulnerability comes from their increased use of digital technology, which offers hackers more possible entry points. (An exception is equipment that runs old versions of operating systems. These are vulnerable, if security patches are not applied, a circumstance that commonly happens when OS versions are no longer supported.)

Second, the operators of digital imaging devices must see that connecting to the internet increases vulnerability. This risk already exists and will grow more severe in the near future. A massive expansion of device connectivity will come with 5G, the next generation of wireless technology, which promises speeds beginning at 20 times those of 4G. Imagine 5G towers beaming high-speed internet directly to medical devices, making the internet connections free from routers and conventional Wi-Fi that might be leveraged to provide some protection.

 

Fighting Off Cyberattacks

So how can the imaging industry protect against cyberattacks now and in the future? One way, according to a NEMA/MITA white paper published three years ago, is to adopt best practices.

For manufacturers that means making user interfaces simple yet secure. One key, according to NEMA/MITA, is to require multifactorial authentication, such as a password and a biometric identifier.

Another is to use firewalls that restrict access to radiological devices. By monitoring and controlling network traffic, firewalls can put up barriers between trusted internal networks and untrusted external networks, such as the internet.

A third approach, called the 3-2-1 rule, has been gaining traction lately among cybersecurity professionals. This rule states that every piece of critical data should have three copies; stored on at least two different types of media; with at least one medium away from where the data are primarily stored. Cloud-based storage (see “How Two Providers Use The Cloud To Prepare For Disaster”) is one of these media.

Although the imaging industry is making use of the cloud, just using the cloud is not enough. Sites may use cloud storage as the primary or even sole means of storing data. While affording some protection, this kind of cloud-based strategy undoes the benefits of the 3-2-1 rule.

A fourth possibility for defending against cyberattack is penetration testing. This practice, commonly referred to as “red teaming,” is similar to the child’s game “Capture the Flag.” As used in cybersecurity, the red team attempts to access data, while another defends against the attack.

The process might be preceded by “tabletop exercises.” In these a consulting firm may describe the hypothetical scenario of a cyberattack to the leaders of a hospital. Sitting in the relative safety of a conference room, the chief information security officer, others from the C-suite and a few hand-picked IT folks might be asked how they would respond. The intent behind such exercises is simply to expose vulnerabilities and sensitize the client to existing dangers.

At the other end of the spectrum are field exercises in which white hatters, so called because they are “good” hackers, attack a network to probe its defenses. This may reveal actual vulnerabilities that could be exploited by hackers with nefarious intent. But, if a white hatter turns black and takes the opportunity to attack the network rather than probe it, the process can go south quickly. This is why red team members must be carefully vetted, if probing attacks are to be carried out.

 

High Stakes

The healthcare industry must be prepared for hack attacks, cybersecurity experts agree. The very essence of value-based medicine hangs in the balance. How can patients be safe and their needs met, if they and their data are not safe?

Unfortunately, no digital device can be made 100 percent safe from attack. Phishing, in which emails sent to staffers unleash malware, presents a continuing threat. Only training and an ever-vigilant staff can keep phishing attempts from succeeding.

And, unfortunately, digital imaging devices are vulnerable, even when they are not connected to the Internet. All it may take is someone with an ax to grind or a digital vandal (akin to the folks who “tag” train cars and buildings) to slide a malware-ridden USB drive into a computer connected to a medical data network. For this reason, the best defense, according to cybersecurity experts, is a robust data management system, one that can persist even when attacked.

Such a system may have resident software that looks for and shuts down unauthorized access, one that uses multifactorial authentication to spot intruders, for example. It may involve the use of multiple copies of data on different media, such as the cloud. Or it may depend on the digital equivalent of whistling past the graveyard.

Cybersecurity experts do not recommend the latter.

Related Content

Konica Minolta Business Solutions, U.S.A., Inc. (Konica Minolta) announced its status as a Google Cloud Premier Partner.
News | Archive Cloud Storage | January 14, 2020
January 14, 2020 — ...
This is artificial intelligence on Fujifilm's mobile digital radiography system to immediately detect pneumothorax (a collapsed lung) and show the location to the technologist and attending physician in a unit before the image is even uploaded to the PACS for a read. AI applications like this that have immediate impact on critical patient care saw a lot of interest at RSNA 2019.

This is work-in-progress artificial intelligence app on Fujifilm's mobile digital radiography system to immediately detect pneumothorax (a collapsed lung), The AI highlights the area of interest to show the location to the technologist and attending physician in a unit before the image is even uploaded to the PACS for a read by a radiologist. The technology also can flag the study for an immediate read in the PACS worklist for confirmation by a human. This technology is from a third-party and will be offered on Fujifilm's REiLI AI platform. Applications like this that have immediate impact on critical patient care saw a lot of interest at RSNA 2019. Photos by ITN Editor Dave Fornell.

Feature | Artificial Intelligence | December 27, 2019 | Siddharth Shah and Srikanth Kompalli, Frost & Sullivan
Radiology artificial intelligence (AI) was again the hottest topic at the 2019...
News | Remote Viewing Systems | December 27, 2019
December 27, 2019 — The Radiological Society of North America (RSNA) and Carequality have developed the Imaging Data
The company has selected Flywheel to support data management and curation and gain efficiencies in their machine learning workflow
News | Artificial Intelligence | December 16, 2019
December 16, 2019 — MaxQ AI, a company focus
The RIS market is expected to reach $979.1 M by 2025

Image courtesy of Agfa

News | Information Technology | December 13, 2019
December 13, 2019 — According to a new study released by Rese...
EMR patient portal on a smartphone
News | Electronic Medical Records (EMR) | December 11, 2019
December 11, 2019 — Despite the numerous benefits associated with patients accessing their medical records, a new stu
REiLI AI platform auto segmentation.
News | Artificial Intelligence | November 30, 2019
December 1, 2019 — Fujifilm Medical Systems U.S.A.