University of California researchers have proven that it is easy to modify test results or control medical devices by attacking the connection in a hospital’s computer system. The people most vulnerable to these kinds of attacks are high-profile patients, like celebrities and politicians. Attacks like these are less likely to be a threat to the general public, but over time they could develop into a countrywide threat and cripple the U.S. medical infrastructure.
The weaknesses in hospital infrastructure start with the outdated standards that healthcare currently uses to transfer patient data within hospitals. The current standard is called Health Level Seven Standards (HL7). HL7 was developed in the 1970s and hasn’t been fully updated since. This leaves the infrastructure vulnerable to attacks by new technologies that are smarter than HL7. The weakness in HL7 leaves patient data accessible in transit between storage and access points.
"Healthcare is distinct from other sectors in that the manipulation of critical infrastructure has the potential to directly impact human life, whether through direct manipulation of devices themselves or through the networks which connect them," the researchers write.
"As a physician, I aim to educate my colleagues that the implicit trust we place in the technologies and infrastructure we use to care for our patients may be misplaced and that an awareness of and vigilance for these threat models is critical for the practice of medicine in the 21st century," said Dr. Jeffrey Tully, an anesthesiology resident at the UC Davis Medical Center.
The researchers say that this kind of attack has been studied before, but it is the first time that it has been demonstrated and proven to affect patient health. The team created a cyberattack algorithm to demonstrate how an attack may happen. The algorithm was named Pestilence.
Pestilence was automated to attack large amounts of data remotely, acting like a middleman between the medical device and the records system. Pestilence was able to change a patient’s blood results to show that they had diabetic ketoacidosis. In response to this diagnosis, doctors would administer an insulin drip, which could possibly kill a healthy patient.
To prevent future attacks like these, hospitals and doctors desperately need to update their infrastructure and update HL7. The researchers say the best fix would be to require a password to access health records, protect them behind a firewall, and have the devices and computers communicate with only one server, using network segmentation.
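The following Python check is an added example, not code from the researchers or their white paper. It reconciles HL7 v2 lab results as exported on the device side with the copies held by the records system and reports any value that changed in between, which is the kind of alteration described above. It assumes a trusted device-side export exists; the messages, control IDs and local ("L") codes are constructed sample data.

```python
# Added example. Messages are constructed sample data, not real patient records.
SENT = [
    "MSH|^~\\&|ANALYZER|LAB|EHR|HOSP|20180101120000||ORU^R01|MSG0001|P|2.5\r"
    "OBX|1|NM|GLU^Glucose^L||95|mg/dL|70-99|N|||F\r"
    "OBX|2|NM|HCO3^Bicarbonate^L||25|mmol/L|22-29|N|||F",
    "MSH|^~\\&|ANALYZER|LAB|EHR|HOSP|20180101120500||ORU^R01|MSG0002|P|2.5\r"
    "OBX|1|NM|GLU^Glucose^L||88|mg/dL|70-99|N|||F",
]
# Records-side copies: the first message's glucose value differs from what was sent.
STORED = [SENT[0].replace("||95|", "||480|"), SENT[1]]

def parse_results(message):
    """Return (control_id, {observation_id: (value, units)}) for one HL7 v2 message."""
    control_id, results = None, {}
    for segment in filter(None, message.replace("\n", "\r").split("\r")):
        fields = segment.split("|")
        if fields[0] == "MSH" and len(fields) > 9:
            control_id = fields[9]                    # MSH-10, message control ID
        elif fields[0] == "OBX" and len(fields) > 6:
            obs_id = fields[3].split("^")[0]          # OBX-3, first component
            results[obs_id] = (fields[5], fields[6])  # OBX-5 value, OBX-6 units
    if control_id is None:
        raise ValueError("no MSH segment with a control ID")
    return control_id, results

def reconcile(sent_messages, stored_messages):
    """Return (control_id, observation_id, sent, stored) for every mismatch."""
    sent = dict(parse_results(m) for m in sent_messages)
    stored = dict(parse_results(m) for m in stored_messages)
    findings = []
    for cid, sent_obs in sent.items():
        if cid not in stored:                         # message never arrived
            findings.append((cid, None, sent_obs, None))
            continue
        for obs_id, sent_val in sent_obs.items():
            got = stored[cid].get(obs_id)
            if got != sent_val:                       # value or units changed or dropped
                findings.append((cid, obs_id, sent_val, got))
        for obs_id in sorted(stored[cid].keys() - sent_obs.keys()):
            findings.append((cid, obs_id, None, stored[cid][obs_id]))
    for cid in sorted(stored.keys() - sent.keys()):   # message the device never sent
        findings.append((cid, None, None, stored[cid]))
    return findings

if __name__ == "__main__":
    for finding in reconcile(SENT, STORED):
        print(finding)
```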
"We are talking about this because we are trying to secure healthcare devices and infrastructure before medical systems experience a major failure," Dr. Christian Dameff, an emergency physician and clinical informatics fellow, said. "We need to fix this now."
"Working together, we are able to raise awareness of security vulnerabilities that have the potential to impact patient care and then develop solutions to remediate them," Tully said.
The white paper on this research is available online.