Explore our Topics:

How attackers weaponize DICOM files to breach health systems

Attackers are hiding malware in DICOM medical imaging files to breach health systems. Here's how the threat works and how detection is catching up.
By admin
Jul 16, 2026, 3:15 PM

Medical imaging detects everything from brain damage to broken bones to cancer, but the files that encode these crucial images are now being leveraged by threat actors to gain access to medical institutions and harvest sensitive data.

The millions of medical imaging files transferred daily are a perfect means of delivering malicious code. DICOM — Digital Imaging and Communications in Medicine, the decades-old standard for storing and transmitting medical images — encodes both the image itself and the patient’s data in a single file.

X-rays, MRI scans and CT scans are typically encoded in this format and forwarded to the parties who need to analyze them in order to obtain a diagnosis. These files are easily altered to deliver a malware payload instead.

DICOM has been in use since 1985 – and is uniquely vulnerable. Because it is so standardized, it has proven difficult to change on a large scale. Its built-in security features are available but inconsistently implemented. Secure DICOM is notoriously complex and expensive.

Poorly protected medical institutions leave their servers vulnerable to attack. A recent Trend Micro investigation found 3,627 DICOM servers accessible through public internet connections across more than 100 countries — and just 0.14% of them used encryption. Attackers are thus granted easy access to highly personal information with very little effort.

The standard’s stewards push back on this framing. The Medical Imaging & Technology Alliance, which maintains DICOM, argues that the protocol is not inherently insecure — it has offered a secure-connection capability for years — and that safe implementation rests with the vendors and health systems that deploy it.

Icelandic cybersecurity company Varist has introduced a detection engine that scans both the headers – where code is often introduced – and image data regions of DICOM files.

“If it’s a normal file, it will load into whatever is reading the image. But if a tiny little piece is changed, it executes the malware instead,” explains Siggi Petursson, chief product officer at Varist.

Malware attacks can be highly damaging to both healthcare systems and patients themselves. Once the code executes, it can infiltrate an entire database filled with highly sensitive information about patients – their identities, finances and health statuses. This data can later be exfiltrated and used for fraud, extortion, and other crimes.

“A medical imaging machine sends [the scan] to a computer. There’s usually some initial processing. That’s where the attacker can modify the DICOM,” Petursson says. “Then it goes from the hospital onto a cloud. That’s where the attacker can move from the hospital to a more general space.”

In January 2025, SimonMed Imaging, which operates more than 170 facilities across 10 states, was hit by a Medusa ransomware attack that exposed the healthcare data of more than 1.2 million people — a reminder of how attractive imaging providers have become as targets. (The breach was a network intrusion through a vendor, not a weaponized DICOM file.) Separately, researchers demonstrated as early as 2019 that conditions could be digitally added to or removed from imaging files — changes that fooled 99% of radiologists in one study, with troubling implications, particularly for public figures who might be harmed by the release of falsified information about their health.

The technology developed by Varist aims to reduce exposure to such attacks for its clients through a more rigorous examination of DICOM files.

“We don’t really have a file size limit, so we can scan the whole file,” Petursson says. “We have an engine that is specifically designed for DICOM files. We’re not doing generic across-the-board scanning. Many engines treat every file the same.”

Detecting the malicious code is logistically challenging for both healthcare and security companies, though. Because of HIPAA regulations and other legislation that protects patient privacy, files containing private healthcare information must undergo certain procedures prior to being examined.

“They have to clean the DICOM files and remove the image in order for us to see how the threat was constructed,” Petursson says. Transmitting the images would be a violation.

Once malicious code is detected by Varist’s technology, the file is then quarantined so that the code cannot spread further into the system. Unfortunately, this may mean that the imaging needs to be redone. These attacks can slow diagnostics for individual patients.

“You may have to call the patients back in,” Petursson cautions.

The volume of images – and other vulnerable files such as PDFs – passing through a given institution requires some efficiency. Their detection engine offers a probability score.

“Companies then decide where they want their risk tolerance to be,” he says. “They have to look at the file and analyze themselves. It’s really up to our customers what they do with that information.”

They certainly need to do something. Studies have indicated that millions to even billions of records have leaked due to vulnerabilities in DICOM – and in the Picture Archiving and Communication System (PACS), which is how these images are stored and managed. These weaknesses have resulted in substantial liabilities already. In April 2026, Mt. Baker Imaging and Northwest Radiologists agreed to a proposed $3.3 million settlement to resolve class-action claims over a January 2025 ransomware breach — a case that leaned on Washington’s My Health My Data Act to reach beyond HIPAA.


Show Your Support

Subscribe

Newsletter Logo

Subscribe to our topic-centric newsletters to get the latest insights delivered to your inbox weekly.

Enter your information below

By submitting this form, you are agreeing to DHI’s Privacy Policy and Terms of Use.