Radiotherapy and Oncology Review Article

Overview

The rapid digitalisation of radiation oncology has improved precision, workflow efficiency, and treatment delivery. However, it has also introduced new cybersecurity challenges for safety-critical clinical systems, particularly linear accelerators (LINACs), which are central to modern cancer treatment.

While most reported cyber incidents in healthcare have focused on ransomware and information technology disruption, this review examines a broader and more critical question: how could cyberattacks affect LINAC-based radiotherapy workflows beyond service downtime?

The article analyses LINAC cybersecurity risks by examining the wider radiation oncology ecosystem, including treatment planning systems, oncology information systems, record-and-verify platforms, treatment consoles, imaging systems, vendor remote access pathways, and clinical workflow dependencies.

The review highlights several key areas:

• The cybersecurity risks associated with networked LINAC environments and their integration with hospital IT and operational technology systems.
• Potential attack surfaces across treatment planning, verification, treatment console interaction, patient positioning, and treatment data integrity.
• A focused threat model covering opportunistic intruders, targeted adversaries, and advanced persistent threats.
• Defence mechanisms including network segmentation, zero-trust access control, intrusion detection, cryptographic data integrity, secure vendor access, resilience planning, and workflow-aware cybersecurity practices.

The paper argues that although confirmed malicious cyberattacks directly targeting LINACs have not been publicly reported, the increasing interconnection of healthcare systems makes proactive cybersecurity planning essential. Strengthening LINAC cybersecurity should therefore be viewed as an investment in patient safety, treatment continuity, and the resilience of cancer care.

Resources

• Read the paper via DOI
• View Paper PDF