Unsecured medical images: The self-destructive threat
The primary mission of all healthcare professionals is to protect the health and wellbeing of their patients. However, they also have a duty of care to safeguard their patients’ sensitive personal data and prevent it from falling into the hands of ruthless and exploitative criminals.
Many cybercriminals target the healthcare sector as an easy source of personal data that can be sold on the black market and used in other criminal acts. At the same time, many standard practices, such as the sharing of medical images, are continually leaving sensitive records exposed to cyberattacks.
Why is medical data sought after?
Medical records have long been a favourite target of cybercriminals as they are an easy way to turn a quick profit on underground dark web forums. Attackers will commonly sell on records to other criminals as a commodity item, often in huge databases containing the details of thousands of individuals.
The personal details contained in an average medical record could be used to fuel further attacks, with names, emails and other details used to craft targeted email phishing attacks. Harvested details are also frequently used to commit fraud and identity theft, including health insurance fraud. High-worth individuals may also be the victim of more elaborate schemes such as blackmail. Criminals may, for example, threaten an individual with the release of information relating to a medical diagnosis that would damage their career or insurance prospects.
Beyond this, there is a psychological impact for those affected by cybercrime and identity theft. The aftermath can have a severe impact on a patient’s wellbeing, particularly if they are already suffering from a serious condition.
How damaging is medical data theft?
The theft of medical data can have far-reaching consequences for the organisation involved. Regulatory fines are one of the biggest concerns, as regulators can levy potentially crippling fines on a sector that is already struggling with tight budgets. If the data of EU citizens is involved, the GDPR can mandate fines of up to four percent of global turnover, or £17.5 million. Elsewhere, healthcare privacy violations in the US can rack up fines ranging from $100 to $50,000 per record under HIPAA.
Organisations and individual practitioners may also face legal action from victims suing for financial damages and loss of privacy.
How are unsecured images accessed?
Any organisation where resources are scarce, and the value of information they hold is high, is extremely attractive to cybercriminals. Medical centres tick both of these boxes and have earned an unfortunate reputation among criminals as representing an easy mark. Cyber attackers know that many healthcare providers operate under limited security budgets, particularly those in the public sector such as NHS Trusts. It is common to find providers using outdated devices, software and operating systems, or using weak or incorrectly configured protocols. Attackers callously count on the fact that providers will lack either the budget or the required downtime to address these issues, as patient care always takes priority.
One of the most striking security vulnerabilities we have investigated is the use of Digital Imaging and Communications in Medicine (DICOM), a common standard for storing and transmitting medical images between devices. DICOM dates back more than 30 years, so it predates modern cybersecurity protections.
The security risk here is not the image but the attached metadata. DICOM allows more than 200 lines of data to be attached to images, which will generally include the personally identifiable information (PII) prized by criminals.
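The metadata can be inspected directly on a file before it is shared or stored. The following Python is an added example, not code from the article's authors: it walks the header elements of a DICOM Part 10 file and reports the patient-identifying attributes it finds. It assumes Explicit VR Little Endian encoding with defined-length elements; the sample bytes and the helper make_element are constructed for illustration.

```python
import struct

# Small subset of patient-identifying attributes from the DICOM data dictionary.
PII_TAGS = {(0x0010, 0x0010): "PatientName", (0x0010, 0x0020): "PatientID",
            (0x0010, 0x0030): "PatientBirthDate", (0x0010, 0x1040): "PatientAddress"}
# VRs encoded with 2 reserved bytes and a 4-byte length instead of a 2-byte length.
LONG_VRS = set(b"OB OD OF OL OV OW SQ SV UC UN UR UT UV".split())

def elements(buf, pos):
    """Yield (tag, value) for Explicit VR Little Endian data elements."""
    while pos + 8 <= len(buf):
        group, elem, vr = struct.unpack_from("<HH2s", buf, pos)
        if vr in LONG_VRS:
            if pos + 12 > len(buf):
                return
            (length,) = struct.unpack_from("<I", buf, pos + 8)
            pos += 12
        else:
            (length,) = struct.unpack_from("<H", buf, pos + 6)
            pos += 8
        if length == 0xFFFFFFFF or pos + length > len(buf):
            return  # undefined-length sequence or truncated file: stop here
        yield (group, elem), buf[pos:pos + length]
        pos += length

def find_pii(dicom_bytes):
    """Return {keyword: value} for non-empty PII attributes in a Part 10 file."""
    if dicom_bytes[128:132] != b"DICM":
        raise ValueError("not a DICOM Part 10 file")
    found = {}
    for tag, value in elements(dicom_bytes, 132):
        text = value.decode("ascii", "replace").strip(" \x00")
        if tag in PII_TAGS and text:
            found[PII_TAGS[tag]] = text
    return found

def make_element(group, elem, vr, value):
    """Build one short-length element for the constructed sample below."""
    value += b" " * (len(value) % 2)  # values are padded to even length
    return struct.pack("<HH2sH", group, elem, vr, len(value)) + value

# Constructed sample: preamble, magic, a few header elements, no pixel data.
SAMPLE = (b"\x00" * 128 + b"DICM"
          + make_element(0x0008, 0x0060, b"CS", b"CT")
          + make_element(0x0010, 0x0010, b"PN", b"DOE^JANE")
          + make_element(0x0010, 0x0020, b"LO", b"MRN0001")
          + make_element(0x0010, 0x0030, b"DA", b"19700101"))
if __name__ == "__main__":
    print(find_pii(SAMPLE))
```

A non-empty result means the file still carries identifying metadata and should be de-identified or kept off any system reachable from the internet.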
We have found the standard is frequently misused in a way that leaves vast swathes of records exposed. Our investigations recently discovered more than 45 million medical images unsecured and openly accessible online. These included X-rays as well as MRI and CT scans – along with all the sensitive metadata attached to each image. We found files accessible at providers ranging from large hospitals to independent doctors and dentists all over the world.
The main issue is not DICOM itself, but rather how it is implemented. The standard has added support for security provisions such as encryption over the years – but these are not mandatory and, indeed, are often not selected by default. As a result, organisations using DICOM are often leaving data completely vulnerable to abuse. Thousands of DICOM devices are publicly discoverable online, and our investigators were able to access the vast majority of them without any challenges.
In some cases, this included login portals accessed by simply entering blank login and password credentials. Sensitive data is also often transmitted as unencrypted plain text, so an attacker only needs to discover the device online to freely access large amounts of sensitive data.
This is an extremely low-level activity that requires little experience or skill on the part of the attacker. The risk has also been greatly exacerbated during the pandemic as more staff transmit data to remote devices.
How can healthcare providers keep patient data safe?
Healthcare practitioners need to operate with a heightened sense of cybersecurity and an awareness that they are likely in the sights of criminals. While patient care must always be the priority, there must also be a balance between speed and security to ensure that patients’ privacy is also safeguarded.
This means ensuring that security processes are not circumvented. In particular, all organisations must ensure they have strong password practices in place for all applications, including DICOM. No application should ever be left with a factory default password or easily guessed entry such as “Password123”. Organisations should also assess DICOM and other online assets to make sure that they are protected from snooping criminals. Most assets should not be discoverable over the wider internet, and all traffic should always be encrypted.
Finally, practitioners can also take a further step by beginning to proactively scan for data leaks. Regularly scanning external sources such as dark web forums can identify data that has already been leaked in a timely manner. Not only will this help to contain the current breach, but it will also enable the IT and security team to work backwards and close the source to prevent further leaks.
Driving sustainability in medical device production
Environmental protection and stewardship are rapidly rising to the top of the corporate agenda and medical device businesses are no exception. The healthcare sectors of the United States, Australia, Canada, and England combined emit an estimated 748 million metric tons of greenhouse gases each year, an output greater than the carbon emissions of all but six nations worldwide. In order to curb this situation various European standards have been introduced.
The Waste Electrical and Electronic Equipment (WEEE); Restriction on Hazardous Substances (RoHS); Registration, Evaluation, and Authorisation of Chemicals (REACH) and the Energy Using Products (EuP) regulations have all significantly altered manufacturing processes, specific labelling, compliance with disposal restrictions, and creation of instructions for end-of-life management and recycling.
At the moment many medical devices are exempt from these regulations, but several directives, including RoHS and WEEE, are in the process of being reviewed and could be applicable in future. This is especially relevant for devices that are ‘connected’ and have a digital monitoring component, which then brings them under the regulatory purview of authorities that govern devices with electronic components.
Safety, Usability and Sustainability
While medical device manufacturers have been working to respond to increasing demand for environmental sustainability from the market, they also have to contend with a key element of their mission: to ensure safety and usability to healthcare workers and patients. Parenteral and other invasive devices are strictly regulated to help reduce the risk of Healthcare Acquired Infection which typically runs as high as 5% and 8% in most developed countries, according to the European Centre for Disease Prevention and Control. As a result, they typically contain disposable single-use plastic elements.
At the same time, many hospitals and purchasing organisations have started to recognise that sustainable purchasing practices play a pivotal role in reducing costs over time. Many GPOs have appointed and empowered Senior Directors of Environmentally Preferred Sourcing who are successfully implementing the sustainable purchasing business case. In addition global pharmaceutical companies are increasingly creating senior positions with sustainability objectives as key to the role.
Medical device disposal is a particularly burning issue; generally carried out through incineration in the EU, it typically releases nitrous oxide, as well as known carcinogens including polychlorinated biphenyls, furans and dioxins. Some of the strategies trialled by manufacturers to reduce waste matter destined to incineration include sterilisation and reprocessing.
Sterilisation, however, falls short on the environmental front, and may consume more energy and produce more emissions than incineration itself. In the United States, for example, 50% of all sterile medical devices are sterilised with ethylene oxide, but since this method releases harmful emissions, the US Food and Drug Administration is now encouraging the development of new methods or technologies. Many other established sterilisation methods use glutaraldehyde, which is not only harmful to the environment but also tends to be regulated by strict usage and disposal rules such as COSHH guidelines.
Focus on Recycling
The outlook on recycling is changing significantly thanks to new research and technologies enabling, for example, monomer extraction. Recycled polymers can be broken down to their constituent monomers promoting an almost limitless recyclability of some polymers. In addition to this, Polyvinyl chloride (PVC), renewable polyethylene and polyethylene terephthalate (PET) can be recycled several times without losing critical properties.
Reducing the impact of packaging can also significantly reduce the materials that need to be dealt with through either waste or recycling. Packaging manufacturers are decreasing packaging volume by favouring sealed trays instead of pouches, laser-etching instructions directly on to the tray where regulation permits it, or reducing the number of components required overall. In addition to this, for recycling plans to be successful it is important to have a full understanding of the practices surrounding device use and to establish, where possible, closed loop recycling systems that recover the waste materials from hospitals or patients and bring them back into the recycling process.
Sustainable Manufacturing: Technology and Research
Greater employment of fast degrading plastics or material from other sources is a key strategy to reduce harmful pollutants both at production and disposal stage. Bio-based materials can in fact offset the carbon emitted during processing as the monomer source grows, and a growing range of sources for bio-based monomers, such as wood pulp or sugar cane, is available. However, when assessing the most suitable material for a part, the entire lifecycle of the product needs to be considered. For example, bio-degradable polymers can contaminate a recycling stream and emit methane when incinerated.
The use of environmentally friendly materials should also be supported by an increase in clean renewable energy sources. Lower energy consumption means fewer carbon emissions but also financial savings, making this an appealing measure for manufacturers. New technologies are proving a major gamechanger on this front, helping manufacturers marry their environmental stewardship with cost savings and efficiency. 3D printing, for example, can help develop optimum product moulds more quickly, refining production parameters to minimise raw materials volumes and maximising output productivity.
Similarly, ‘digital twin’ production software uses inline sensors to create a virtual, real-time mirror of the production environment to enable inline refinements. The objective is to achieve “zero defect”, waste-free manufacturing. In addition to this, LEAN manufacturing methodologies are already helping to optimise inventory management and reduce overproduction.
Sustainability by Design
It is increasingly clear that effective environmental sustainability in the medical device sector cannot exist without a full view of the product life cycle from concept development, material selection, design and engineering to manufacturing, packaging, transportation, sales, use, and end-of-life disposal. These evaluations are typically made for factors such as manufacturing efficiency, time to market, or safety and regulatory compliance, packaging and transportation costs, but should be extended to energy efficiency and environmental impact by means such as life cycle analysis.
In addition to this, with devices rapidly becoming more digitally connected, developers need to be aware that the costs of disposable electronics would simply not be viable, or indeed acceptable in the light of electronics disposal regulations. Design therefore should focus on creating a simple, repeatable interface between the two component sections so as not to impair the functionality or efficacy. As reducing waste and harmful emissions continues to exert pressure on businesses and governments globally, the medical devices industry cannot stand by. The environmental but also commercial implications of inaction are too serious and the array of solutions now available is exciting and diverse.