What if Hospitals Could Automatically Protect Patients from Cyber Threats?
A software update was missed for the program running your local hospital’s X-ray machines. A hacker now controls all the machines and is demanding $500,000 in cryptocurrency be sent to an anonymous wallet; otherwise, he will shut down the entire radiology department.
This scenario becomes more likely for hospitals of all sizes as medical technology advances, adding more devices to constantly growing networks.
With the help of a contract award for up to $12 million from the Advanced Research Projects Agency for Health (ARPA-H), a team of researchers led by the School of Cybersecurity and Privacy at Georgia Tech will begin developing an advanced cybersecurity platform to help hospitals proactively identify and fix vulnerabilities in their software, devices, and networks.
“This is a new area of security research,” said Associate Professor Brendan Saltaformaggio. “We not only have to worry about the cybersecurity aspect, but the physical security as well. Our research must be very accurate to make sure patients are safe from cyberthreats.”
Starting next month, the team of researchers on the Hospital-Integrated Vulnerability Identification and Proactive Remediation (H-VIPER) project will begin developing a system they are calling the Whole-Hospital Simulation (WHS).
The system maps out the online network for hospitals of all sizes and enables IT teams to test their cyber capabilities before going live. The system can also identify threats, such as missed software updates, and alert the IT department.
“Hospitals have thousands of devices connected to their networks, including medical devices,” said Saltaformaggio. “A hospital like Children’s has a huge attack surface. A smaller hospital might have different challenges, but possible entry points are still there.”
The team has already interviewed IT teams at Children’s Healthcare of Atlanta and Hamilton Health Care System. Their findings have provided them with a better understanding of how to scale the WHS system to meet each hospital’s specific needs.
“Hospitals IT processes are notoriously sensitive to disruption, because essentially any kind of down time for rebooting a system or lack of availability can create chaos in the clinical environment,” said Stoddard Manikin, chief information security officer for Children’s Healthcare of Atlanta.
“Our goal is to create very smooth processes and workflow for our patient facing staff and providers to deliver the best care possible. This research opportunity gives us a chance to develop news ways where we can look at these sensitive medical devices and things on the IT network in a healthcare environment and potentially remediate vulnerabilities without taking them out of service.”
Saltaformaggio and his colleagues found that, regardless of size, security remains retroactive and not proactive. By leveraging their diverse expertise, the research team will ensure that the H-VIPER project addresses vulnerabilities at every layer of hospital technology, from the network to the hardware.
The School of Cybersecurity and Privacy will lead this initiative, with faculty from the H-VIPER project also representing the College of Computing, the College of Engineering, the School of Electrical and Computer Engineering, the School of Computer Science, and the Georgia Tech Research Institute, along with support from their Ph.D. students and postdoctoral researchers.
Around 30 Georgia Tech researchers will partner with Emory University, Children’s Healthcare of Atlanta, Hamilton Health Care System, Tufts University, Iowa State University, and Narf Industries.
Georgia Tech faculty working on the project are:
- Associate Professor Brendan Saltaformaggio
- Regents’ Professor Wenke Lee
- Professor Taesoo Kim
- Professor Fabian Monrose
- Assistant Professor Frank Li
- Associate Professor Saman Zonouz
- Associate Professor Daniel Genkin
- Research Professor Sukarno Mertoguno
- Senior Research Scientist Trevor Lewis
