CT-GAN: Malicious Tampering of 3D Medical Imagery using Deep Learning

The following is the abstract of a research report that I saw at https://arxiv.org/abs/1901.03597.

CT-GAN: Malicious Tampering of 3D Medical Imagery using Deep Learning
Yisroel Mirsky, Tom Mahler, Ilan Shelef, and Yuval Elovici
(Submitted on 11 Jan 2019 (v1), last revised 3 Apr 2019 (this version, v2))

In 2018, clinics and hospitals were hit with numerous attacks leading to significant data breaches and interruptions in medical services. An attacker with access to medical records can do much more than hold the data for ransom or sell it on the black market.

In this paper, we show how an attacker can use deep-learning to add or remove evidence of medical conditions from volumetric (3D) medical scans. An attacker may perform this act in order to stop a political candidate, sabotage research, commit insurance fraud, perform an act of terrorism, or even commit murder. We implement the attack using a 3D conditional GAN and show how the framework (CT-GAN) can be automated. Although the body is complex and 3D medical scans are very large, CT-GAN achieves realistic results which can be executed in milliseconds.

To evaluate the attack, we focused on injecting and removing lung cancer from CT scans. We show how three expert radiologists and a state-of-the-art deep learning AI are highly susceptible to the attack. We also explore the attack surface of a modern radiology network and demonstrate one attack vector: we intercepted and manipulated CT scans in an active hospital network with a covert penetration test.

Demo video: this http URL

So this may be one of the scariest possibilities:  you can “doctor” (no pun intended) medical records or films to create a false impression of someone’s health.  You can make them appear that they have cancer when they don’t, or that they don’t — when they do.  And you can do it selectively or just randomly for the fun of it?

We’ve seen a number of scary demos over the past few years like   people remotely taking control of a car or  disembodied voices talking to you baby through your home monitor system. But tampering with medical records and medical care is right up there in my worst nightmare scenarios — particularly when we continually read how healthcare is the worst sector in terms of cybersecurity.


About the author: Dissent

Comments are closed.