Virus Infected Medical Diagnostic Machines Help Leak Patient Data

With the advent of computerization, even the most basic medical devices often boast computing power several times the standard computers of the 1990's.  X-Ray, MRI, and other monitoring devices have gone digital, with the ability to save and store copies of patient scans.  Typically isolated from the outside world on secure corporate  networks, security is not always the first thought when design image storage for an MRI machine.  Unfortunately, a recent report from security consultancy TrapX has revealed that these digital storage spaces can be misappropriated  by viruses which have made their way into corporate networks.  After viruses, malware, and other softwares installed by criminals and hackers have been eradicated from office computers and tablets at a medical facility, reinfection may still occur as a result of these hidden copies of the virus, lurking among patient data.

According to

"Radiologic and medical imaging systems such as the PACS were particularly useful because they are heavily used and critical to the operation of almost every department. Of the three systems that TrapX found infected at customer sites, one was a PACS, the second was a medical x-ray scanner and the third was a collection of blood gas analyzers in a healthcare institution’s laboratory department used by critical care and emergency services."

The answer to all of this of course is for hospitals to insist that manufacturers include high quality encryption and security features on all of their devices.  Even then, it is likely that it could be several technology life-cycles before the majority of the older and vulnerable imaging machines are upgraded or decommissioned.  This is one of the reasons that it is vital that hospitals keep up with their scheduled technology upgrades and modify those schedules in response to security threats as needed.

For more information, view coverage of the report: