Cybersecurity Challenges for PACS and Medical Imaging: What Healthcare Providers Need to Know
Explore the main cybersecurity challenges for PACS and medical imaging, from data breaches to outdated systems, and learn how hospitals can stay protected.
In 2024, a mid-sized hospital in Florida had to shut down its entire radiology department for two days after a ransomware attack froze access to its imaging database.
It wasn’t the MRI machines that failed. It was the PACS, the Picture Archiving and Communication System that stores and shares every patient scan.
That single attack delayed diagnoses, postponed surgeries, and left staff scrambling with printed records. It showed how fragile modern healthcare becomes when its digital backbone is exposed.
Medical imaging systems have quietly become one of the most valuable targets for cybercriminals. PACS holds massive volumes of sensitive patient data: names, birth dates, insurance details, and sometimes even embedded medical notes.
For attackers, that’s a gold mine.
Yet, many healthcare organizations still treat imaging security as an afterthought. Systems run on outdated servers, use old communication protocols, or rely on third-party vendors with weak access controls. According to HIPAA Journal, healthcare breaches affected over 100 million records last year, and imaging systems were often among the first compromised.
The problem isn’t just about lost data. A breach can delay critical treatment, violate HIPAA regulations, and destroy public trust. Unlike other industries, healthcare doesn’t have the luxury of “downtime.” When your PACS is locked, lives are literally put on hold.
In this article, I’ll break down the main cybersecurity challenges for PACS and medical imaging, explain why they keep happening, and share practical steps any healthcare provider can take to protect their systems without disrupting patient care.
Because when it comes to healthcare, data protection is patient protection.
What Makes PACS Vulnerable
Most healthcare providers depend on their PACS every day without realizing how exposed it is.
PACS (Picture Archiving and Communication System) links X-rays, MRIs, CT scans, and other images across departments.
It connects to hospital servers, imaging devices, and electronic health record (EHR) systems. This constant connectivity makes it both powerful and risky.
Here’s why PACS has become a weak point in hospital cybersecurity:
1. Legacy Infrastructure
Many hospitals still use PACS servers that are ten or even fifteen years old. They run on outdated operating systems that no longer receive security updates.
Replacing them is expensive, so IT teams keep patching the same old systems and hoping for the best.
2. Limited Maintenance Windows
Imaging systems often run 24/7. Taking them offline for maintenance or upgrades means interrupting patient care. As a result, updates get delayed, and vulnerabilities stay open for months.
3. Weak Network Segmentation
In many hospitals, PACS is connected to the same network as administrative tools, email servers, or even guest Wi-Fi. That means if one device gets infected, the attacker can easily move from there into the imaging database.
4. Outdated Communication Protocols
PACS uses DICOM (Digital Imaging and Communications in Medicine), a standard developed decades ago.
While still effective for image sharing, DICOM wasn’t built with modern cybersecurity in mind. Without encryption, DICOM traffic can be intercepted or manipulated.
5. Third-Party Access
Radiologists, vendors, and remote specialists often access PACS through external connections.
Each connection increases risk. If one of those partners has weak passwords or poor internal security, your entire network could be exposed.
6. Poor Logging and Visibility
Many PACS systems lack detailed activity logs. Hospitals can’t easily track who accessed what, when, or from where. When something suspicious happens, it’s hard to trace or prove.
7. Slow Detection of Threats
Traditional monitoring tools rely on static rules. They often miss subtle or new attack patterns. This is where newer solutions like AI-powered cybersecurity can help. These systems learn from normal behavior, detect anomalies in real time, and flag unusual data transfers before they escalate.
Hospitals don’t need massive budgets to apply better protection. They need awareness and a strategy that balances uptime with safety. Knowing where PACS is most vulnerable is the first step to building stronger defenses.

Key Cybersecurity Challenges for PACS and Medical Imaging
Medical imaging networks are complex, and most hospitals are juggling performance, compliance, and patient care all at once.
That combination makes security easy to overlook. Here are the main challenges I’ve seen across hospitals and imaging centers.
1. Legacy Systems Still in Use
Many PACS servers still run outdated operating systems, such as Windows 7 or even older versions. These systems don’t get new security patches, leaving known weaknesses open. Updating them can be costly, but ignoring them often costs more after a breach.
2. Unsecured DICOM Protocols
DICOM is the standard for sharing and storing medical images. It was designed for compatibility, not security.
Without encryption, DICOM files can be intercepted or altered during transmission.
In some cases, patient information embedded in those files is readable by anyone who gains access.
3. Lack of Network Isolation
PACS is often connected to the main hospital network for convenience. But this setup lets attackers move freely if they breach one device.
Without network segmentation, an infection from a single malicious email or compromised workstation can spread through the imaging system in minutes.
4. Third-Party Access Risks
Hospitals rely on vendors, contractors, and remote radiologists who all need access to PACS.
Each outside connection is another risk point. When partners fail to follow strict access controls, they can unknowingly open the door to attackers.
5. Insider Threats and Human Error
Staff mistakes are still one of the biggest causes of breaches.
Common issues include shared passwords, storing images on personal drives, and using unsecured cloud folders for convenience. It only takes one careless move to expose hundreds of patient records.
6. Ransomware and Downtime
Attackers target PACS because they know hospitals can’t afford downtime. A locked imaging system means delayed diagnoses and canceled procedures.
Paying the ransom may feel like the fastest fix, but it also encourages more attacks.
7. Compliance Pressure
Hospitals must follow HIPAA and other privacy laws. Failing to protect imaging data can lead to heavy fines, reputation loss, and even legal action.
Compliance is not just paperwork; it’s part of protecting patients and maintaining trust.
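Challenge 2 above notes that patient information embedded in DICOM files is readable by anyone who gains access. The following is an added example, not code from this article or from any PACS vendor: it walks the header of a DICOM Part 10 file and reports identifying attributes stored in cleartext, the kind of check run on files before they leave the imaging network. It assumes Explicit VR Little Endian encoding with defined lengths, and the sample file and its patient values are constructed.

```python
import struct

# Identifying attributes (a small subset of the DICOM data dictionary).
PHI_TAGS = {(0x0010, 0x0010): "PatientName",
            (0x0010, 0x0020): "PatientID",
            (0x0010, 0x0030): "PatientBirthDate"}
# VRs whose header is 2 reserved bytes plus a 4-byte length.
LONG_VRS = set(b"OB OD OF OL OV OW SQ SV UC UN UR UT UV".split())

def element(group, elem, vr, value):
    """Encode one Explicit VR Little Endian element (value already even-length)."""
    if vr in LONG_VRS:
        return struct.pack("<HH2sHI", group, elem, vr, 0, len(value)) + value
    return struct.pack("<HH2sH", group, elem, vr, len(value)) + value

def build_sample(name=b"DOE^JANE", pid=b"MRN-000123", dob=b"19700101"):
    """Constructed minimal file: 128-byte preamble, 'DICM', six elements."""
    body = (element(0x0002, 0x0010, b"UI", b"1.2.840.10008.1.2.1\x00")
            + element(0x0008, 0x0060, b"CS", b"CT")
            + element(0x0010, 0x0010, b"PN", name)
            + element(0x0010, 0x0020, b"LO", pid)
            + element(0x0010, 0x0030, b"DA", dob)
            + element(0x7FE0, 0x0010, b"OW", b"\x00" * 8))
    return b"\x00" * 128 + b"DICM" + body

def find_phi(blob):
    """Return {attribute: value} for non-empty PHI readable in the header."""
    if blob[128:132] != b"DICM":
        raise ValueError("not a DICOM Part 10 file")
    found, pos = {}, 132
    while pos + 8 <= len(blob):
        group, elem, vr, length = struct.unpack_from("<HH2sH", blob, pos)
        pos += 8
        if vr in LONG_VRS:  # the 2 bytes just read were reserved; real length follows
            if pos + 4 > len(blob):
                break
            (length,) = struct.unpack_from("<I", blob, pos)
            pos += 4
        if length == 0xFFFFFFFF or pos + length > len(blob):
            break  # undefined-length sequence or truncated file: stop scanning
        text = blob[pos:pos + length].decode("ascii", "replace").strip(" \x00")
        if (group, elem) in PHI_TAGS and text:
            found[PHI_TAGS[(group, elem)]] = text
        pos += length
    return found

if __name__ == "__main__":
    print("as exported:  ", find_phi(build_sample()))
    print("de-identified:", find_phi(build_sample(b"", b"", b"")))
```

An empty result for the second file shows what a de-identified export looks like to the same check; a non-empty result on a file headed outside the PACS network is the finding to act on.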

Recommendations for Strengthening PACS Cybersecurity
You don’t need a full IT overhaul to make PACS safer. Start small and stay consistent.
1. Segment the Network
Keep PACS on its own secure network, separate from email and admin systems. This limits how far an attack can spread.
2. Encrypt DICOM Traffic
Use encryption for both in-transit and at-rest data. This keeps patient information unreadable to anyone who intercepts traffic or copies stored files.
3. Patch and Update Regularly
Plan short maintenance windows to apply updates. A brief pause is better than a full shutdown after a breach.
4. Monitor Access
Review user permissions often. Remove inactive accounts and restrict vendor access to specific times or devices.
5. Use Smart Detection Tools
AI-based monitoring systems can flag abnormal traffic and stop attacks faster than manual checks.
6. Train Your Team
Educate radiology staff and vendors on phishing, password security, and data-sharing rules. Simple awareness can prevent most errors.
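Recommendation 4 above (Monitor Access) can be run as a recurring review over account and login data. The following is an added example, not code from this article or any PACS product: it lists accounts idle past a limit and flags vendor logins outside their approved hours or devices. The record layout, account names, policy format, and the 90-day idle limit are all assumptions, and the sample data is constructed.

```python
from datetime import datetime, timedelta

# Constructed sample data; the record layout and policy format are hypothetical.
ACCOUNTS = {  # user -> (role, last successful login)
    "rad_jlee": ("staff", "2025-03-01T08:12"),
    "rad_former": ("staff", "2024-09-15T10:00"),
    "vendor_acme": ("vendor", "2025-03-02T02:40"),
    "vendor_beta": ("vendor", "2025-03-01T14:00"),
}
EVENTS = [  # (timestamp, user, source device) from a PACS access log
    ("2025-03-01T08:12", "rad_jlee", "reading-ws-3"),
    ("2025-03-01T10:05", "vendor_acme", "jump-host-1"),
    ("2025-03-01T11:30", "vendor_acme", "laptop-77"),
    ("2025-03-01T14:00", "vendor_beta", "jump-host-1"),
    ("2025-03-02T02:40", "vendor_acme", "jump-host-1"),
]
VENDOR_POLICY = {"vendor_acme": {"hours": (9, 17), "devices": {"jump-host-1"}}}

def inactive_accounts(accounts, now, max_idle_days=90):
    """Accounts with no login inside the idle limit: candidates for removal."""
    cutoff = now - timedelta(days=max_idle_days)
    return sorted(user for user, (_, last) in accounts.items()
                  if datetime.fromisoformat(last) < cutoff)

def vendor_violations(events, accounts, policy):
    """Vendor logins outside the approved hours or devices, or with no policy."""
    findings = []
    for ts, user, device in events:
        if accounts.get(user, ("unknown", ""))[0] != "vendor":
            continue  # this review covers vendor accounts only
        rule = policy.get(user)
        if rule is None:
            findings.append((ts, user, "no access policy on file"))
            continue
        start, end = rule["hours"]
        if not start <= datetime.fromisoformat(ts).hour < end:
            findings.append((ts, user, "outside approved hours"))
        if device not in rule["devices"]:
            findings.append((ts, user, "unapproved device " + device))
    return findings

if __name__ == "__main__":
    now = datetime(2025, 3, 3)
    print("inactive:", inactive_accounts(ACCOUNTS, now))
    for finding in vendor_violations(EVENTS, ACCOUNTS, VENDOR_POLICY):
        print("vendor:", *finding)
```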
Conclusion
Cybersecurity for PACS and medical imaging is no longer optional. These systems store sensitive patient data and are tightly integrated with hospital operations. When they fail, everything slows down.
Protecting them starts with awareness. Small actions such as network segmentation, encryption, and access reviews can block the majority of threats. Combine that with routine updates and basic staff training, and you’ll close most of the gaps that hackers rely on.
In healthcare, cybersecurity isn’t just about compliance. It’s about protecting the people behind every image.
