DICOM (Digital Imaging and Communications in Medicine) is a ticking bomb in healthcare – updated for the COVID-19 pandemic

Updated in view of the COVID-19 pandemic (Feb-Mar 2020)

Medical imaging results saved in DICOM files is emerging to be an acute healthcare vulnerability.  Patients continually undergo medical imaging tests, but during the COVID-19 pandemic there is a requirement to limit patient access to clinics.  Furthermore, once a patient undergoes the evaluation, there are scenarios where the results are stored on a CD/DVD.  These physical devices can be inherent COVID-19 carriers due to handling by both patients and medical staff.

These concerns add to existing risks inherent with the DICOM protocol and CD/DVD usage, leading DICOM to be considered as a ticking bomb in healthcare: 

  • CD/DVDs can contain media based attacks (either unknowingly or with malicious intent).
  • The CD/DVDs often contain a viewer software (an executable) that can be compromised.
  • The DICOM protocol has known vulnerabilities that enable injecting malicious code that can compromise the PACS system.
  • Due to their complexity, it is challenging to scan DICOM files for threats – threats can be easily embedded inside of DICOM files and evade detection by traditional AV scanners and other security solutions.

An overview of DICOM vulnerabilities:

  • June 11th ’19.  The US ICS CERT has alerted to a vulnerability exposed in the DICOM protocol for medical imaging files.
  • The CVE-2019-11687 exploit demonstrates the ability of an attacker to embed malicious code into image files used by medical imaging devices.  This latest vulnerability joins a long list of concerns in the DICOM protocol, read here.
  • Sasa Software, together with Sasa APAC, has created a whitepaper on DICOM vulnerabilities, read here.

The solution: Sasa Software GateScanner DICOM Protector provides security by:  

  • Enabling patients to remotely upload DICOM files. 
  • Limits the usage of CD/DVDs 
  • Scans the viewing software.  
  • Uses a proprietary technology to scan the DICOM file for vulnerabilities and malicious code.

Read more about the solution, here 
Watch a short video on our Youtube channel: https://youtu.be/SSSmazFJiHg

Sasa Software is ISO 27799 certified.

Share on:


Share on facebook
Share on twitter
Share on linkedin
Scroll to Top