Assignment task:
Global technological advancement has led to enhanced telemedicine due to the increased use of sophisticated medical equipment. Despite improving medical care, technological equipment used in telemedicine have shown to have serious security vulnerabilities that hackers exploit. Yisroel Mirsky, Yuval Elovici, and two other researchers at the Ben-Gurion University Cyber Security Research Center in Israel developed malware that highlighted critical and dangerous security vulnerabilities in the medical imaging equipment used to diagnose serious medical conditions in hospitals. The malware developed by these researchers can be classified as proof of concept (PoC) malware because it highlighted deep security vulnerabilities in hospitals' CT or MRI scans. The classification of this malware as a PoC was influenced by its ability to use a machine learning algorithm to generate adversarial networks that alter the 3D images generated by CT or MRI scans used in hospitals (Zetter n.p.). The attackers exploited the security vulnerabilities in the unencrypted picture archiving and communication system (PACS) to plant the malware that automatically added realistic, malignant-seeming growths or removed real cancerous nodules and lesions to the MRI or CT scans, thus tricking the radiologists and doctors into giving false diagnoses. In this regard, developing a firewall that ensures automatic encryption of all images at the PACS will be vital in protecting attackers from using the malware to alter the results of CT or MRI scans. As explained by Eichelberg et al. (1761-1774), automatic encryption of images at PACS enhances the security of CT or MRI scans, thus prohibiting external attacks. The automatic encryption of all scans at the PACS should be augmented with enhanced and automated virus scans to detect any malware that might alter the expected CT or MRI scans. Apart from using the suggested firewall, hospitals should upgrade their technological infrastructure and restrict access to their IT servers to prohibit unauthorized physical or remote access.
1- One Response about it?