Greenbone extends its security feed capabilities to detect unprotected PACS in use by medical pros

Greenbone, a leading provider of vulnerability management solutions, has extended its security feed capabilities in order to detect unprotected Picture Archiving and Communication Systems (PACS) in use by medical professionals to store and share scans, x-rays and other medical images.

In September 2019, Greenbone revealed that approximately 700 million images – relating to more than 24 million patient records – were exposed on the internet due to poorly secured PACS servers.

Sensitive patient data requires complete protection yet Greenbone’s research identified some 2,300 medical image archiving systems visible on the public internet.

A significant proportion of these servers allowed unsecured access to image files containing sensitive data such as patient names, birth and examination dates, as well as the reason for the examination.

The new Greenbone vulnerability tests are designed to help hospitals, radiology clinics and other healthcare facilities avoid data leaks in the future. Included in the security feed of Greenbone’s vulnerability management solution, these tests enable healthcare customers to identify unprotected PACS servers within their image archives.

They will also receive notifications about whether an encrypted connection is used, if patient data is retrievable, and whether any authentication is configured. Customers can also check the Application Entity Titles (AET) of these systems.

These titles control access to certain image databases but often follow standardised formats, making them susceptible to brute force attacks.

Crucially, the tests check whether it is possible for the public to access these PACS servers, together with the data and images they contain. If the test is positive, administrators can take immediate action to close any gaps in security.

Dirk Schrader, cyber resilience architect at Greenbone, commented: “Several security researchers have criticised PACS servers for being readable and vulnerable to attack, but what shocked us was the true extent of the problem. Our analysis uncovered unsecured PACS systems in use all over the world; a situation that simply cannot be allowed to continue.

“By extending the capabilities of the Greenbone Security Feed to test for unprotected PACS, we hope to make it much easier for health providers to protect confidential patient data and images, both now and well into the future.”

These new tests are available to customers using Greenbone Security Manager (GSM), Greenbone Community Edition (GCE) or Greenbone Vulnerability Management (GVM).

Users of the Greenbone Community Feed can find further information on the community page or can contact Greenbone support for general information on how to fix vulnerabilities and the Vulnerability Tests (VT) provided as part of the Security Feed.