Specialized malware-detection engine secures file transfers and protocols used in EHR and PACS systems.


Varist announced the introduction of its DICOM (Digital Imaging and Communications in Medicine) Detection Engine, designed to safeguard healthcare communications networks, electronic health records (EHR), and picture archiving and communication systems (PACS) used in medical imaging from malware, including AI-powered malware that automates, scales, and customizes cyberattacks.

The Varist malware detection engine combines large-scale file scanning with real-time simulation of suspicious files to detect and analyze emerging threats within milliseconds, according to a press release from the company.     

Medical Imaging is Vulnerable 

Medical imaging environments process millions of files daily, creating a vast, often under-protected attack surface for emerging threats and AI-generated malware, the company notes. Varist’s DICOM Detection Engine provides real-time scanning and analysis for imaging file streams, specialized protocols, and ultra-large files. Along with PACS and EHR, AI-scale detection helps prevent radiology information systems and other critical communications systems used in healthcare from becoming vectors for malware.

“A picture is worth a thousand words, especially when lives depend on it, and threat actors may be looking to use that to their advantage,” says Varist chief technology officer Siggi Petursson in a release. “Varist’s specialized detection for healthcare environments finds new self-evolving threats designed to evade detection by conventional systems, without adding delays or compromising patients’ care and privacy.”

Detection for Medical Imaging

As the universal standard for medical imaging files, PACS relies on specialized protocols and formats to enable interoperability across imaging modalities such as X-rays, CT and PET scans, MRIs, and ultrasounds. According to Varist, DICOM Detection Engine “fills security gaps left by conventional scanning and sandboxing, detecting known and unknown threats, including malware that attempts to leverage life-critical images.” 

Highlights of the Varist DICOM Detection Engine include:

  • Dedicated detection engines for DICOM, HL7, and FHIR, three formats used in PACS and EHR platforms.
  • Hyperscale DICOM header analysis to find headers modified to turn imaging files into executables that deliver malicious payloads.
  • Full-file scanning, including large medical images (such as MRIs) up to 3GB.
  • Predictive payload detection simulates the behaviors of suspicious files to enable zero-day detection of novel DICOM exploits that have not yet been cataloged in malware signature databases.
  • Organizations that integrate Varist technology can scan and analyze files locally without uploading them to public cloud infrastructures.

Additionally, the company says its hybrid detection engine processes roughly 500 files per second, analyzes suspicious files in under 9 milliseconds, reports a false-positive rate of less than 0.001%, and is designed to scale across large multi-site and multi-cloud deployments.

Photo caption: The Varist malware detection engine combines large-scale file scanning with real-time simulation of suspicious files to detect and analyze emerging threats within milliseconds, according to the company.     

Photo credit: Varist