Patients’ CT and MRI scan results can be easily changed by hackers, thereby deceiving radiologists and Artificial Intelligence (AI) algorithms that diagnose malignant tumours, Israeli researchers have warned.
The researchers from the Ben-Gurion University (BGU) showed that hackers could access to add or remove medical conditions from lung cancer scans for the purposes of insurance fraud, ransom and even murder, Xinhua news agency reported.
As part of the attack, the hacker has full control over the number, size and location of the cancers while preserving the anatomy from the original, full resolution three-dimensional (3D) image.
To prove the feasibility of the attacks, the researchers broke with permission into an actual hospital network to intercept all CT (computed tomography) scans.
Although the hospital internal network is not connected to the internet, hackers can access it via the hospital’s WiFi or physical access to the infrastructure, the researchers said.
To inject and remove medical conditions, the researchers used a deep learning neural network called a generative adversarial network (GAN), which has been used in the past to generate realistic imagery, such as portraits of non-existent people.
After the “attack” the radiologists at the hospital misdiagnozed 99 per cent of the scans showing malignant tumours, and 94 per cent of altered images with cancerous images removed.
After the radiologists were informed about the attack, they still misdiagnozed 60 per cent of altered scans falsely showing tumours and 87 per cent of those falsely showing no sign of tumour, the report showed.
The researchers suggested several solutions, such as enabling encryption between the hosts in the hospital’s radiology network, digital signatures with a secure mark on each scan or hidden digital watermarks.