Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityCybersecurity NewsHospitals & Medical Centers

Researchers Show How Hackers Can Dupe Radiologists and A.I. Software

hacker
April 3, 2019

Hackers can access a patient’s 3-D medical scans to add or remove malignant lung cancer, and overwhelmingly deceive both radiologists and artificial intelligence algorithms used to aid diagnosis, according to a new study published by Ben-Gurion University of the Negev cybersecurity researchers.

A 3-D CT (computerized tomography) scan combines a series of X-Ray images taken from different angles around the body and uses computer processing to create cross-sectional images (slices) of the bones, blood vessels and soft tissues. CT scan images provide more detailed information than standard X-Rays, and are used to diagnose cancer, heart disease, infectious diseases, and more. An MRI (magnetic resonance imaging) scan is similar, but uses powerful magnetic fields to diagnose bone, joint, ligament, and cartilage conditions.

Malicious attackers can tamper with the scans to deliberately cause a misdiagnosis for insurance fraud, ransomware, cyberterrorism, or even murder. Attackers can even automate the entire process in a malware which can infect the hospital’s network.

“Our research shows how an attacker can realistically add or remove medical conditions from CT and MRI scans,” says Dr. Yisroel Mirsky, lead researcher in the BGU Department of Software and Information Systems Engineering (SISE), project manager and cybersecurity researcher at BGU’s National Cyber Security Research Center. “In particular, we show how easily an attacker can access a hospital’s network, and then inject or remove lung cancers from a patient’s CT scan.”

The attacker has full control over the number, size and locations of the cancers while preserving the same anatomy from the original, full resolution 3-D image. This is a significant threat since 3-D medical scans are considered to provide more definitive evidence than preliminary 2-D X-Rays.

To demonstrate the feasibility of the attack, with permission, the researchers broke into the network of an actual hospital and intercepted every scan taken by a CT scanner.
“The scans were not encrypted because the internal network is usually not connected to the internet. However, determined intruders can still gain access via the hospital’s Wi-Fi or physical access to the infrastructure,” Dr. Mirsky says. “However, these networks are now being connected to the internet as well, which enables attackers to perform remote attacks.”

To inject and remove medical conditions, the researchers used a deep learning neural network called a generative adversarial network (GAN). GANs have been used in the past to generate realistic imagery, such as portraits of non-existent people. The researchers showed how a 3-D conditional GAN can be used to efficiently manipulate high resolution 3-D medical imagery. The architecture (CT-GAN) uses two of these GANs: one trained to inject cancer and the other trained to remove cancer.

The BGU researchers verified the attack effectiveness by training CT-GAN to inject/remove lung cancer using free medical imagery off the internet. They hired three radiologists to diagnose a mix of 70 tampered and 30 authentic CT scans.

When the scans of healthy patients were injected with cancer, the radiologists misdiagnosed 99 percent of them as being malign. When the algorithm removed cancers from actual cancer patients, the radiologists misdiagnosed 94 percent of the patients as being healthy. After informing the radiologists of the attack, they still could not differentiate between the tampered and authentic images, misdiagnosing 60 percent of those with injections, and 87 percent of those with removals.

“In addition to the radiologists, we also showed how CT-GAN is an effective adversarial machine learning attack,” Dr. Mirsky says. “Consequently, the state-of-the-art artificial intelligence lung cancer screening tools, used by some radiologists, are also vulnerable to this attack.”

The researchers proposed some immediate countermeasures which can mitigate most of the threat. One solution is to enable encryption between the hosts in the hospital’s radiology network. In addition, some hospitals can enable digital signatures so that their scanners sign each scan with a secure mark of authenticity.  If this approach is followed, then administrators should ensure that proper signatures are being used and that the end devices are correctly verifying these signatures.

“Another method for testing the integrity of the images is to perform digital watermarking (DW), the process of adding a hidden signal into the image such that tampering corrupts the signal and thus indicates a loss of integrity,” Dr. Mirsky says. “Unfortunately, the vast majority of medical devices and products currently do not implement DW techniques.”

Other researchers that participated in the study include: Prof. Yuval Elovici, Ph.D., director of the Telekom Innovation Labs@BGU, director of Cyber@BGU; Tom Mahler, Ph.D. candidate and researcher in Cyber@BGU, and a member of the BGU SISE; and Prof. Ilan Shelef, M.D., Ph.D., director of the imaging department in Soroka University Medical Center and a member of the BGU Faculty of Health Sciences. 

KEYWORDS: cyber security cyber security threat cybersecurity hospital security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cybersecurity-blog

    Check Point researchers: Iranian hackers can bypass encrypted apps like Telegram

    See More
  • Sticky notes tacked to board

    Metrics that matter: How security professionals can show value

    See More
  • cars

    How Hackers Exploit Automotive Software to Overtake Cars

    See More

Related Products

See More Products
  • school security.jpg

    School Security: How to Build and Strengthen a School Safety Program

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing