How to Stop Attackers That Target Healthcare Imaging Data

Even before COVID-19 disrupted operations, organizations accelerated their digital transformation initiatives to meet changing customer expectations. One sector that particularly embraced this shift is healthcare, as organizations rapidly developed and adopted a range of digital health solutions, such as electronic health records and the use of AI to aid drug discovery.

Healthcare is “an industry that had been moving forward with digitization under numerous different names and approaches well before the onset of COVID,” says Guy Becker, director of healthcare products management at cybersecurity company Sasa Software. However, this rapid digitization has also resulted in a sharp spike in criminal cyberattacks on the healthcare industry.

Check Point reports a global increase in attacks on healthcare organizations between November and December 2020. The report showed a 137% increase in East Asia, a 112% rise in Latin America, 67% in Europe, and a 37% increase for North American healthcare organizations. In recent years there has been a dramatic increase in cybersecurity incidents in the healthcare sector, such as malware infections, ransomware, and the theft and publication of patient data.

The reality is grimmer today, especially when you consider that scanned medical documents and other healthcare images often contain sensitive data. NTT Research recently held a hackathon to find ways to use attribute-based encryption (ABE) to address that situation and others.

“Metadata stored within medical images, including X-rays and CT scans, can disclose confidential information like patient names, photographed body parts, and the medical centers or physicians involved, leading to patient identification,” explains Jean-Philippe Cabay, data scientist at NTT Global in Belgium, whose team won the hackathon. “Attribute-based encryption ensures that only authorized users with the appropriate attributes can access medical images, keeping them secure and private.”

Health Imaging Data Is a Hacker’s Goldmine

Hospitals and healthcare organizations are working to protect Digital Imaging and Communications in Medicine (DICOM) files, according to Becker. This development results from the convergence of several factors: increased attacks on healthcare because of its high value (medical records are worth at least 10 times more than credit card data on the Dark Web) and its traditionally weak security posture; demand for heightened healthcare security from governments and the EU; increased need for remote healthcare services due to COVID; and a general digital transformation trend to streamline and digitize services.

In addition, the risk presented by potentially malicious imaging files is compounded by the growing risk of breached medical devices. For example, imaging machines operating within the hospital network can be compromised without the knowledge of the technicians and engineers looking after them. Such a compromise could lead to malicious code being injected into clinical data and spread across the hospital’s network. Because imaging clinics and medical centers often need to transfer imaging data, a breach of such transfers could expose sensitive patient data, with devastating consequences.

Becker says the protection of sensitive imaging networks begins with the standard recommended measures: network segmentation, timely backups, frequent updating of systems and applications, the use of advanced intrusion detection and prevention systems, and regular employee education and training.

Some of these measures pose particular challenges for healthcare organizations. Healthcare systems have to be online 24/7, which makes frequent updating, with the reboots and downtime it requires, an impossible requirement to meet. Chronic understaffing, which frequently reduces staff compliance to the minimum clinical requirement, means non-healthcare demands such as cybersecurity get pushed down to a distant second place, Becker says.

But in its recently concluded hackathon, NTT Research said its Belgian team successfully demonstrated “a groundbreaking application” of ABE to protect images. ABE was introduced in 2005 in a paper by Brent Waters, director of NTT’s Cryptography and Information Security (CIS) Lab, and Amit Sahai, a professor of computer science at UCLA. It is a type of public-key encryption that allows data to be shared based on policies and attributes of the users: who the user is, rather than what they have.

Protecting DICOM Images With ABE

Essentially, ABE determines who can access data based on specific traits. It combines role-based encryption with content-based access and multi-authority access. In ciphertext-policy ABE the access policy is attached to the ciphertext at encryption time and each user holds a key issued for their set of attributes; a ciphertext opens only with a key whose attributes satisfy its policy, so the access decision is enforced by the cryptography itself rather than by an access-control check on the server that stores the data. For content-based access, ABE doesn’t just determine who gets access to data, but also which specific data they are allowed to access. Thus a radiologist might be able to access a CT scan but not the patient’s identity, whereas a records clerk would be able to access identity but not imaging. Multi-authority access could come into play when a patient sees a specialist: the primary care physician might issue the specialist credentials to view a patient’s medical history, while a licensing board establishes credentials that allow them to write notes in that history; the specialist would need both sets of credentials to access the complete patient record.
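To make the policy semantics concrete, here is an added illustration written for this page; it is not the NTT team’s code and it is not a real ABE implementation. It models a ciphertext-policy tree with AND and OR gates over attributes from two authorities, using XOR secret sharing for AND gates, duplication for OR gates, and HMAC-derived attribute keys as stand-ins for the pairing-based keys of real ABE. The field names, roles, authorities and sample values are assumptions for the demo. Two things real ABE provides that this toy does not: encryption needs only public parameters (here the encryptor holds the authorities’ secrets), and issued keys are bound to the individual user, so two users cannot pool attributes to satisfy a policy neither holds alone.

```python
import hashlib
import hmac
import os


def prf(key, *parts):
    """HMAC-SHA256 as a pseudo-random function; every key in this toy is 32 bytes."""
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key, nonce, length):
    blocks = (prf(key, b"ks", nonce, i.to_bytes(4, "big")) for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def seal(data_key, plaintext):
    """Encrypt a payload under a data key. Stand-in for an AEAD such as AES-GCM;
    ABE only ever wraps this data key (hybrid encryption), never the image bytes."""
    nonce = os.urandom(16)
    return nonce, xor(plaintext, keystream(data_key, nonce, len(plaintext)))


def unseal(data_key, nonce, ciphertext):
    return xor(ciphertext, keystream(data_key, nonce, len(ciphertext)))


class Authority:
    """One attribute authority (hospital IAM, licensing board, ...) deriving a key per attribute.
    Toy simplification: real ABE binds each issued key to the user, which is what stops
    two users pooling their attributes to satisfy a policy neither meets alone."""

    def __init__(self, name):
        self.name = name
        self.master = os.urandom(32)

    def attribute_key(self, attribute):
        return prf(self.master, b"attr", self.name.encode(), attribute.encode())

    def issue(self, wallet, attribute):
        wallet[(self.name, attribute)] = self.attribute_key(attribute)


# Policy trees: ("attr", authority, name) | ("and", p, q) | ("or", p, q)
def encrypt_key(policy, data_key, authorities):
    kind = policy[0]
    if kind == "attr":
        _, auth, name = policy
        nonce = os.urandom(16)
        wrap = prf(authorities[auth].attribute_key(name), b"wrap", nonce)
        return ("attr", auth, name, nonce, xor(data_key, wrap))
    p, q = policy[1], policy[2]
    if kind == "and":  # split into two XOR shares, one per branch: both are needed
        share = os.urandom(32)
        return ("and", encrypt_key(p, share, authorities), encrypt_key(q, xor(data_key, share), authorities))
    if kind == "or":  # same key under either branch: one suffices
        return ("or", encrypt_key(p, data_key, authorities), encrypt_key(q, data_key, authorities))
    raise ValueError(kind)


def decrypt_key(ct, wallet):
    """Return the data key if the wallet's attributes satisfy the policy tree, else None."""
    kind = ct[0]
    if kind == "attr":
        _, auth, name, nonce, wrapped = ct
        k = wallet.get((auth, name))
        return None if k is None else xor(wrapped, prf(k, b"wrap", nonce))
    left, right = decrypt_key(ct[1], wallet), decrypt_key(ct[2], wallet)
    if kind == "and":
        return None if left is None or right is None else xor(left, right)
    return left if left is not None else right


IMAGE = b"<constructed CT pixel bytes>"  # sample inputs for the demo, not real patient data
IDENTITY = b"DOE^JANE;MRN-0001234"


def demo():
    """Content-based access (separate key and policy per field) plus a two-authority specialist rule."""
    hospital, board = Authority("hospital"), Authority("licensing-board")
    authorities = {a.name: a for a in (hospital, board)}
    specialist = ("and", ("attr", "hospital", "role:specialist"), ("attr", "licensing-board", "licensed"))
    policies = {"image": ("or", ("attr", "hospital", "role:radiologist"), specialist),
                "identity": ("or", ("attr", "hospital", "role:records-clerk"), specialist)}
    record = {}
    for field, plain in (("image", IMAGE), ("identity", IDENTITY)):
        key = os.urandom(32)
        record[field] = (encrypt_key(policies[field], key, authorities), *seal(key, plain))

    def view(wallet):
        out = {}
        for field, (key_ct, nonce, body) in record.items():
            key = decrypt_key(key_ct, wallet)
            out[field] = None if key is None else unseal(key, nonce, body)
        return out

    wallets = {w: {} for w in ("radiologist", "clerk", "unlicensed specialist", "licensed specialist")}
    hospital.issue(wallets["radiologist"], "role:radiologist")
    hospital.issue(wallets["clerk"], "role:records-clerk")
    hospital.issue(wallets["unlicensed specialist"], "role:specialist")
    hospital.issue(wallets["licensed specialist"], "role:specialist")
    board.issue(wallets["licensed specialist"], "licensed")
    return {who: view(wallet) for who, wallet in wallets.items()}
```

Running `demo()` shows the radiologist recovering the image bytes but not the identity, the clerk the reverse, the specialist nothing until the licensing board has also issued the `licensed` attribute, and then both fields. The AND gate is the point to study: neither branch alone reveals anything about the data key, which is exactly how a linear secret-sharing scheme enforces a conjunction in real ABE.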

The winning team’s three-part demo involved detecting and labeling a graphical object; encrypting the images and mapping between labels and ABE policies; and storing the objects, the metadata, and the blurred images in a database. Cabay’s coauthor, NTT senior software engineer Pascal Mathis, said their project uses an extract, transform, load (ETL) pipeline to transfer the images.

Mathis further explained that the artificial intelligence component and the encryption engine reside on an edge device, which sends only encrypted data to the database. Cabay says their project demonstrates how ABE can help encrypt images in healthcare, such that “access is so locked-down that even the database administrator only sees images with blurred spots and encrypted information.”

Major providers of picture archiving and communication systems (PACS), such as Philips, GE, and Sectra, are advancing solutions for digitization and increased automation of the imaging workflow, as part of a general migration to cloud-based systems and an enhanced security posture. These systems feature native end-to-end encryption and robust backup and breach prevention capabilities inherent to cloud environments. However, the DICOM data itself is not examined and may well be harboring malicious content, Becker notes.

“Standard detection-based network security tools such as EDRs, XDRs, and MDRs currently lack the capability to scan and disinfect DICOM imaging data,” he says. “It was this gap in security that moved us to develop, together with our healthcare partners, an imaging gateway that purifies the actual DICOM data stream itself.”
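The metadata exposure Cabay describes earlier and the gateway inspection Becker describes here come down to the same operation: reading the DICOM element stream instead of treating the file as an opaque blob. The following is an added example for this page, not code from the article, Sasa Software or the NTT team. It builds a constructed Explicit VR Little Endian CT file, flags a preamble that does not look like padding (the standard leaves those 128 bytes free-form, which is why a conforming DICOM file can also carry an executable header), lists the identifying tags the file would otherwise carry into PACS, and rewrites them. The tag subset, sample values and function names are assumptions for the demo; a production gateway would also handle implicit VR, sequences and encapsulated pixel data, apply the full PS3.15 de-identification profile, and run content scanning rather than only a preamble check.

```python
import struct

# Tags whose values identify the patient, site or physician. A constructed subset for the demo;
# real de-identification follows the full profile in DICOM PS3.15 Annex E.
PHI_TAGS = {
    (0x0008, 0x0080): "InstitutionName",
    (0x0008, 0x0090): "ReferringPhysicianName",
    (0x0010, 0x0010): "PatientName",
    (0x0010, 0x0020): "PatientID",
    (0x0010, 0x0030): "PatientBirthDate",
}
EXPLICIT_VR_LE = b"1.2.840.10008.1.2.1"
LONG_VRS = {b"OB", b"OW", b"OF", b"SQ", b"UT", b"UN"}  # VRs encoded with a 4-byte length field


def element(group, elem, vr, value):
    """Encode one explicit VR little endian element; string values are padded to even length."""
    if isinstance(value, str):
        value = value.encode("ascii")
        if len(value) % 2:
            value += b"\x00" if vr == b"UI" else b" "
    if vr in LONG_VRS:
        return struct.pack("<HH2sHI", group, elem, vr, 0, len(value)) + value
    return struct.pack("<HH2sH", group, elem, vr, len(value)) + value


def parse(buf, offset, end):
    """Yield (tag, vr, value) for each element in buf[offset:end]; refuses undefined lengths."""
    while offset < end:
        group, elem, vr = struct.unpack_from("<HH2s", buf, offset)
        offset += 6
        if vr in LONG_VRS:
            (length,) = struct.unpack_from("<I", buf, offset + 2)  # skip 2 reserved bytes
            offset += 6
        else:
            (length,) = struct.unpack_from("<H", buf, offset)
            offset += 2
        if length == 0xFFFFFFFF:
            raise ValueError("undefined-length element (sequence or encapsulated pixel data) not handled")
        value = buf[offset:offset + length]
        if len(value) != length:
            raise ValueError("truncated element")
        offset += length
        yield (group, elem), vr, value


def dataset_offset(buf):
    """Validate the Part 10 header and return where the main dataset starts."""
    if buf[128:132] != b"DICM":
        raise ValueError("not a DICOM Part 10 file")
    tag, vr, value = next(parse(buf, 132, len(buf)))
    if tag != (0x0002, 0x0000) or vr != b"UL":
        raise ValueError("missing file meta group length")
    meta_end = 144 + struct.unpack("<I", value)[0]
    meta = {t: v for t, _, v in parse(buf, 144, meta_end)}
    if meta.get((0x0002, 0x0010), b"").rstrip(b"\x00") != EXPLICIT_VR_LE:
        raise ValueError("only explicit VR little endian is handled here")
    return meta_end


def preamble_check(buf):
    """The 128-byte preamble is free-form by the standard, so a conforming file can also carry an
    executable header there. Returns None for an all-zero preamble, otherwise a short reason."""
    head = buf[:128]
    if not any(head):
        return None
    if head[:2] == b"MZ" or head[:4] == b"\x7fELF":
        return "executable header"
    return "non-zero preamble"


def phi_report(buf):
    """Map each identifying tag present in the dataset to its (stripped) value."""
    start = dataset_offset(buf)
    return {PHI_TAGS[tag]: value.decode("ascii").strip()
            for tag, _, value in parse(buf, start, len(buf)) if tag in PHI_TAGS}


def deidentify(buf, replacement="REMOVED"):
    """Rebuild the file with every PHI tag overwritten; pixel data and other tags are copied as-is."""
    start = dataset_offset(buf)
    out = bytearray(buf[:start])
    for tag, vr, value in parse(buf, start, len(buf)):
        out += element(tag[0], tag[1], vr, replacement if tag in PHI_TAGS else value)
    return bytes(out)


def build_sample(preamble=b"\x00" * 128):
    """A constructed CT file (not a real study): preamble, 'DICM', file meta group, dataset."""
    meta_body = element(0x0002, 0x0010, b"UI", EXPLICIT_VR_LE.decode())
    meta = element(0x0002, 0x0000, b"UL", struct.pack("<I", len(meta_body))) + meta_body
    dataset = b"".join([
        element(0x0008, 0x0060, b"CS", "CT"),
        element(0x0008, 0x0080, b"LO", "Example General Hospital"),
        element(0x0010, 0x0010, b"PN", "DOE^JANE"),
        element(0x0010, 0x0020, b"LO", "MRN-0001234"),
        element(0x0018, 0x0015, b"CS", "CHEST"),
        element(0x7FE0, 0x0010, b"OB", bytes(range(16))),  # stand-in for pixel data
    ])
    return preamble + b"DICM" + meta + dataset


if __name__ == "__main__":
    sample = build_sample()
    print("preamble:", preamble_check(sample), "| PHI:", phi_report(sample))
    print("after scrub:", phi_report(deidentify(sample)))
```

The parser deliberately refuses undefined-length elements and anything other than the explicit VR little endian transfer syntax: a gateway that "purifies" a stream must fail closed on structures it does not fully understand, because an element it skips over is an element it cannot vouch for.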

As healthcare becomes increasingly reliant on technology for efficiency, healthcare industry leaders must prioritize tools that enable the secure remote transmission of imaging studies to the hospital PACS without incurring risk to the healthcare network.
