A team of researchers from the Ben-Gurion University and the Soroka University Medical Center, Beer-Sheva, in Israel has proved that hackers can modify 3D medical scans, which can be added or removed from it.
Experts developed PoC malware, using the generative adversarial network (GAN) to change the 3D images generated by CT scans. The scan results are stored in the DICOM format in the picture archiving and communication system (PACS). Experts found that about 2,700 PACS and DICOM servers that were connected to the internet. Experts also found that medical image data transmission does not require encryption, and an attacker may perform a man-in-the-middle (MitM) attack. The experts conducted a penetration test in the radiology department of a hospital. They connected a small MitM device between the CT scanner and the PACS network, successfully intercepting traffic from the CT scanner.
Researchers have developed an attack framework called CT-GAN that manipulates images through GAN technology. The researchers used 100 CT scan data sets and successfully modified them using the CT-GAN tool.
When the radiologists were unaware that the results had been manipulated, they diagnosed 99% of the injected scans as cancer and 94% of the scans from which the cancer was removed as belonging to healthy patients. After they were informed of the attack, the radiologists still misdiagnosed the patients in 60% and 87% of cases, respectively. The researchers said the attack even fooled a state-of-the-art lung cancer screening model in each and every one of the tests.
There are many reasons for hackers to tamper with images, such as forged evidence, damage research, assassination and so on.