Malware is being used to manipulate CT and MRI scans to create detrimental misdiagnoses, according to researchers from the Ben-Gurion University Cyber Security Research Center in Beersheba, Israel.

In lieu of the data breaches and cyber attacks that plagued hospitals in 2018, the researchers set out to learn how attackers use deep learning to implant fake cancerous nodules or remove real ones in medical scans without expert radiologists having the slightest idea. In a blind study, radiologists read a batch of real CT scans, 70 percent of which had been doctored by malware. For all of the scans with fake cancerous nodules, the radiologists gave cancer diagnoses 99 percent of the time. Similarly, the radiologists gave clean bills of health to scans with deleted cancerous nodules 94 percent of the time.

In the second part of the study, the radiologists were told to read another 20 scans, 50 percent of which had altered. When reading the scans with fake nodules, 60 percent of the time radiologists diagnosed them as cancerous. In scans where cancer had been removed, the radiologists interpreted them as healthy patients 87 percent of the time.

According to researchers, malware is able to enter hospital equipment and networks because facilities don’t have a digital signature system in place to prevent any kind of manipulation. End-to-end encryption on picture archiving and communication system (PACS) networks is also needed to prevent intruders, something that’s lacking in most hospitals. PACS doesn’t have encryption abilities, making it easy for attackers to access scans. According to Fotios Chantzis, principal information security engineer at the Mayo Clinic, most hospitals believe that their internal network is impenetrable, despite the fact that “the era where the local hospital network was a safe, walled garden is long gone,” he said.