Authors: Paolo Marcheschi and Stefano Dalmiani / FTGM
The Gabriele Monasterio Foundation is a center of excellence in the fields of research, prevention, and treatment of cardiovascular diseases. Its mission is to improve the quality of life of patients affected by these pathologies and contribute to scientific progress in our sector.
In this project, within a controlled setting, we propose to mimic the attack and defense of a typical hospital system comprised of an electronic medical record and a medical image repository known as PACS (Picture Archiving and Communication System). PACS is a medical imaging technology that allows healthcare providers to store, retrieve, and share digital medical images such as X-rays, CT scans, and MRI scans.
This is a very specialized setting that is different from any other that is publicly available. In this complex environment, we will experiment with two different kinds of cybersecurity attacks.
The first attack is intended to gain access through social engineering to the Hospital Electronic health record. An electronic health record (EHR) is a digital version of a patient’s medical records, which include their medical history, medications, allergies, lab results, and other relevant health information.
The second attack is intended to alter the correct interpretation by a radiologist of medical images acquired through an advanced acquisition modality like a computed tomography scanner or a magnetic resonance imaging scanner. This is imagined taking place inside the hospital communication network, and in particular inside the PACS network. The PACS allows healthcare providers to access and review patient images from anywhere, at any time, and on any device with internet access. The PACSrelies on DICOM Protocol for communicating images and signals. DICOM (Digital Imaging and Communications in Medicine) is a widely used protocol for digitally exchanging medical images and data. It is a global standard that was created in the 1980s by the National Electrical Manufacturers Association (NEMA) in partnership with the American College of Radiology (ACR). DICOM is widely used in the medical industry to ease the exchange of medical images and information between various healthcare systems and devices. The protocol specifies a set of criteria for transmitting and storing digital medical images, as well as associated patient data such as demographic data and clinical reports. DICOM has transformed the way medical pictures are saved, exchanged, and analyzed, allowing for faster and more accurate diagnoses, fewer errors, and better patient outcomes.
Artificial intelligence (AI) can be used to protect this type of assets, actually AI and machine learning have tremendous potential to enhance cybersecurity. AI systems can analyze massive amounts of data to detect patterns, identify threats, and discover vulnerabilities at scale.
This AI cybersecurity tool leverages the power of cutting-edge machine learning algorithms and big data analytics to help prevent cyberattacks and malicious behavior. It monitors networks, systems, and user activity for anomalies that could indicate an impending threat. The AI model is constantly learning and improving from new data, enabling it to detect even stealthier and more sophisticated cyber threats over time. In this case FTGM will provide enough data to train specialized partners deep learning algorithms in the two attack scenarios and will provide healthcare informatics insight to describe and represent a state-of-the-art real hospital with anonymized and secure sandbox ICT facilities in order to recreate a real-world hospital network to play with.