Maliciously Tampering with Medical Imagery

In what I am sure is only a first in many similar demonstrations, researchers are able to add or remove cancer signs from CT scans. The results easily fool radiologists.

I don't think the medical device industry has thought at all about data integrity and authentication issues. In a world where sensor data of all kinds is undetectably manipulatable, they're going to have to start.

Research paper. Slashdot thread.

Posted on April 12, 2019 at 11:13 AM • 13 Comments

Comments

Bob Paddock • April 12, 2019 11:49 AM

DICOM® (Digital Imaging and Communications in Medicine) is the international standard to transmit, store, retrieve, print, process, and display medical imaging information.

Section on Security:

https://www.dicomstandard.org/using/security/

My practical experience with it is DICOM is a standard in the sense that everyone can have their own version of it. Different machines have their own individual interpretation of the "Standard".

Tatütata • April 12, 2019 12:14 PM

As if they even needed hacking for making medical errors...

You needn't even tamper with the machine that goes ping. Nowadays, test results are routinely e-mailed between clinics and practitioners, with all the risk that it entails... Fax is still used a lot in some countries, as it is deemed "safer".

Already in "normal" circumstances, medical "competence" is the source of much pain and anguish. Is that a tumour on the mammogram, or just a finger smudge on the display, from the free lunch brought over by that pretty pharma rep with all the freebies? (Or it could be a floating-point round-off error.) But the ultrasound disagrees. OK, we'll perform a biopsy. (How about discussing options and asking for the patient's opinion?) [One month later] The result is inconclusive, but we recommend operating anyway. And there's DNA diagnostics. How freaked out should you be if you have a BRCA1 gene? And why should 23-and-me and the Podunk police dept. be able to monetize or have access to this info?

Critic Peter Gøtzsche said not entirely in jest that doing away with mammogram examinations would immediately cut the prevalence of cancer... And breast cancer screening is hardly an isolated case.

Back in the 80s, there was a special issue of the Proceedings of the IEEE on the subject of medical imaging. I remember that the point was made that the compression method had to be extremely carefully selected, lest a life-and-death medical decision be made on an artefact. That would have ruled out lossy compressions such as JPEG, which wasn't standardized until 1992.

And medical imaging is overused, and hazardous per se! When I had a CT scan, I made the mistake of asking what the X-ray dosage was. No one in the room was able to answer. I should have walked out then and there (but was too weak to). I'm quite sure the doctor didn't even examine the results of the tests he ordered.

vas pup • April 12, 2019 12:53 PM

@all: do you think the intellectual level of current legislators lets them address this issue as well when they introduce their (Dem or Rep) version of health reform?
I doubt it.
Are they just listening to what Bruce and other experts deliver at hearings without understanding what to do?
Or are they acting on any OWN negative experience to address any problem on a bipartisan basis?
By the way, I just want to point out that all humans have the same body structure regardless of their race, nationality, sexual preferences, religion, political affiliation, wealth, etc.
That is why ALL health-related problems should have the highest level of priority on any politician's list, because they affect the WHOLE population. Period.

Steven Clark • April 12, 2019 4:16 PM

Future medical devices will be getting better cybersecurity. It's just that the pipelines are long. The newest FDA guidance is much stricter and more specific than it used to be. They've been embarrassed.

Catgirl • April 12, 2019 5:36 PM

"You needn't even tamper with the machine that goes ping. Nowadays, test results are routinely e-mailed between clinics and practitioners, with all the risk that it entails... Fax is still used a lot in some countries, as it is deemed "safer"."

I got bamboozled by this myself. One medical professional referred me to another medical professional and stressed the fact that if I gave permission to have my records and scans emailed to the other provider, that would save a lot of time in their office because the doctor would have already seen my medical exams. So I said OK. The next day I called the other doctor's office only to discover that the doctor I had been referred to, and who now had my intimate personal medical records, did not even take my insurance! WTH? I gave away the informational milk and got nothing to show for it.

Never again.

Erdem Memisyazici • April 12, 2019 7:49 PM

Yup, this is how certain organizations get away with illegally implanting their employees to track them. The organization also has people in the hospitals working as nurses or security guards who have access to the machines.

Erdem Memisyazici • April 12, 2019 7:54 PM

You can also implant such devices into yourself. The problem with face tracking etc. is that it's not all that accurate. You implant one of these in your target's neck and suddenly you can track them anywhere. You follow them to their local hospital and modify the CT results should they ever go there.

Petre Peter • April 13, 2019 7:44 AM

Sharing medical records with my medical providers makes sense. Access to medical data can help us to better determine certain patterns in the progression of a diagnosis, and potentially even find cures to certain conditions. Therefore, not only am I OK with my doctors having access to this data, but I am also OK with researchers accessing it, provided I know: who they share the data with; how the data can be deleted; how it is stored. Accepting signatures by fax is a bad joke that Bruce wrote about, and we should get away from it ASAP. Data integrity in the medical field needs a lot of work, because it's in the doctor's office where we should not have to worry about privacy.

MikeA • April 13, 2019 10:50 AM

One of my college jobs was as a security guard, and I was occasionally assigned as a substitute in a hospital. One thing I noticed (early 1970s) was a telautograph in the pharmacy, apparently to expedite the delivery of "signed" prescriptions without hand-carrying them in a building that had been remodeled many times since the 1920s.
Compare and contrast to security of Fax machines.

Stuart • April 13, 2019 10:12 PM

DICOM PS 3.3 (2019a), Table C.12-6 Digital Signatures Macro Attributes
in combination with DICOM PS3.15 (2019a), Section C Digital Signature Profiles
and Section D Media Storage Security Profiles

These have been in the standard before 2019a, that is simply the most current version. Some of the specification has existed as early as 2004 if not earlier, but updates were made when MD5 was demonstrated to be broken.

A vendor can implement a certain amount of this on their own, but not all of it.
There is Public Key infrastructure that has to be supplied by the facility.

SHA512 is one of the options for generating the hash.
It requires the use of RSA key-pairs, and that the public part of the key be transmitted in an X.509 (1993) signature certificate.
The certificate type is mandated to be X509_1993_SIG.

The community has in fact considered these issues, whether they have been implemented by vendors and facilities is a different question.
Given that Bruce thinks this isn't a movie plot threat, it is likely that others will think the same and (more) vendors and facilities will implement at least one of if not all of the Base, Creator, Authorization, or Structure Report RSA Digital Signature Profiles. Base with specification of (7FE0,0010) Pixel Data as the element to be hashed/signed would likely be sufficient to identify if image data tampering had taken place.

The interoperability issues (per Bob P) are a different matter (a variety of hash algorithms are enumerated, but that doesn't mean everyone will implement each of them). Communication is enabled by DICOM. Interoperability (a significant issue) is addressed primarily by IHE (which frequently overlays DICOM, as well as HL7 and other standards). IHE does not create standards, it utilizes existing standards and specifies how to use them in a narrow fashion to achieve interoperability including testing opportunities.

From a more clinical perspective, a patient with a tampered/false positive will be re-imaged prior to treatment on a different piece of equipment than was used for the diagnostic exam (for radiation therapy at least), and will most likely be re-imaged just prior to each treatment at the treatment machine (Image guidance). A patient with a tampered/false negative will likely undergo other diagnostics because they will still have symptoms, which mitigates the likelihood that they will receive no treatment (but it might very well delay treatment, which is definitely bad).
A "well known" patient will frequently be assigned a fictitious name and fuzzed demographics (correct identification is then handled using other information).

But for securing the data stream from the sensor (e.g. CT detectors) through the image reconstruction (securing the image reconstruction code) to the point where the data is encoded (securing the DICOM translation code) in the DICOM format, one has to rely on technologies defined outside of the medical community. CAN bus/CANOpen do not appear to have standardized a security stack, but there are security solutions available. Signed code modules (dlls, jars, etc.) have been standardized or at least "solved for free and built in to the tools" for a number of programming languages.

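As an added illustration of the Pixel Data signing Stuart describes above (example code written for this page, not code from the DICOM standard, IHE, or any vendor), the Go program below hashes a simplified (7FE0,0010) element with SHA-512, signs the digest with an RSA key, and shows that altering a single voxel makes verification fail. The element layout, the 4x4 sample image and the freshly generated key are assumptions of this example; the real MAC construction, X.509 certificate handling and key distribution follow PS3.15 and the facility's PKI.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha512"
	"encoding/binary"
	"fmt"
)

// encodePixelData lays out a (7FE0,0010) Pixel Data element roughly as DICOM Explicit VR
// Little Endian (tag, VR "OB", 2 reserved bytes, 32-bit length, value). Illustrative only; PS3.15 defines the real MAC input.
func encodePixelData(pixels []byte) []byte {
	hdr := []byte{0xE0, 0x7F, 0x10, 0x00, 'O', 'B', 0, 0, 0, 0, 0, 0}
	binary.LittleEndian.PutUint32(hdr[8:], uint32(len(pixels)))
	return append(hdr, pixels...)
}

// signPixelData hashes the encoded element with SHA-512 and signs the digest with RSA (PKCS#1 v1.5).
func signPixelData(priv *rsa.PrivateKey, pixels []byte) ([]byte, error) {
	digest := sha512.Sum512(encodePixelData(pixels))
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA512, digest[:])
}

// verifyPixelData recomputes the digest over the stored pixels; any altered voxel or changed length fails the check.
func verifyPixelData(pub *rsa.PublicKey, pixels, sig []byte) bool {
	digest := sha512.Sum512(encodePixelData(pixels))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA512, digest[:], sig) == nil
}

// demo signs a constructed 4x4 8-bit image, then changes one voxel (the kind of edit the
// post describes) and reports whether verification passed before and after the change.
func demo() (before, after bool) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // assumption: a fresh key stands in for the facility's PKI
	if err != nil { panic(err) }
	pixels := make([]byte, 16) // constructed sample image, all zero
	sig, err := signPixelData(priv, pixels)
	if err != nil { panic(err) }
	before = verifyPixelData(&priv.PublicKey, pixels, sig)
	pixels[5] ^= 0x80 // single-voxel alteration
	after = verifyPixelData(&priv.PublicKey, pixels, sig)
	return before, after
}

func main() {
	before, after := demo()
	fmt.Println(before, after) // true false
}
```

Note that a signature over Pixel Data only detects tampering after the element is encoded; as Stuart says, the path from the detectors through reconstruction to DICOM encoding has to be protected by other means.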

Tatütata • April 14, 2019 8:02 AM

DICOM PS 3.3 (2019a), Table C.12-6 Digital Signatures Macro Attributes in combination with DICOM PS3.15 (2019a), Section C Digital Signature Profiles and Section D Media Storage Security Profiles

Sounds suitably impressive, but...

Take for instance a related field, electronic health insurance cards, which should theoretically profit from a wealth of experience from other sectors like banking. [Ha. Ha. Ha.]

Back in 2005, the French carte Vitale was shown to be not as secure as purported.

In Germany, the local equivalent wasn't very well received either. There was a demo at CCC 35C3 showing how sloppily the system was implemented by the various providers.

In either case, the alleged benefits did not happen, and the future of the system is unclear. And even if your CT or MRI unit were to be hardened down to the last resistor, the resulting images would still be stored in these rather shaky systems.

I came to realize that doctors aren't that interested in old medical records; the span of their interest is quite limited, and they're more likely to lazily order new tests rather than listen to patients who try to say that this was already done many times, as late as last year, and the result was always negative. So what's this fixation on data collection?

But for securing the data stream from the sensor (e.g. CT detectors) through the image reconstruction (securing the image reconstruction code) to the point where the data is encoded (securing the DICOM translation code) in the DICOM format, one has to rely on technologies defined outside of the medical community. CAN bus/CANOpen do not appear to have standardized a security stack, but there are security solutions available. Signed code modules (dlls, jars, etc.) have been standardized or at least "solved for free and built in to the tools" for a number of programming languages.

All this is rather theoretical when you look at the vintage of the equipment in some wards. As long as your CT scanner keeps working, why change it? A hospital administrator, whose daily diet is composed of budget cuts, overworked staff, bedpan requisitions, etc., would first and foremost look at the price (or, God forbid, the amount of kickback) rather than worry about some esoteric technical sh*t they'd have to dig deep into the specs to figure out.

justinacolmena • April 14, 2019 2:11 PM

researchers are able to add or remove cancer signs from CT scans. The results easily fool radiologists.

Um-hmm. And the mainstay treatments, ionizing radiation and toxic chemotherapy, can both cause and cure cancer.

Radiation hormesis and a hair-of-the-dog cure for a hangover straight out of the same liquor bottle that caused it.

The doctors are too drunk to use a scalpel without "cutting around" and cutting up altogether too much healthy tissue when they attempt to remove a tumor or malicious growth.
