The European Commission plans to increase funding and enhance threat intelligence to protect healthcare systems from rising cyber threats.
The European Union is preparing to release an 'action plan' aimed at boosting the cybersecurity of hospitals and healthcare providers, in light of a surge in cyberattacks that have severely disrupted the sector.
Scheduled for unveiling by the European Commission on Wednesday, the action plan will offer additional funding to reinforce healthcare institutions' technical infrastructure, provide guidance on applying current EU cybersecurity regulations, and enhance information-sharing practices industry-wide.
Cyberattacks targeting healthcare systems are becoming increasingly common, with significant incidents reported in Ireland, France, the UK, and Finland, especially since the COVID-19 pandemic began.
One of the most alarming incidents occurred in 2020 in Germany, where a cyberattack on a hospital resulted in a fatality, though subsequent charges were dismissed.
In response, the EU plans to allocate more resources to fortify the sector against future attacks, which are often carried out with ransomware and have extensive impacts on patient safety and hospital budgets.
EU officials, including Stavros Lambrinidis, the EU ambassador to the UN, have cautioned about the rising rate of ransomware attacks.
Lambrinidis noted that these attacks occur every 11 seconds and are projected to increase to every two seconds by 2031. According to the EU's cyber agency ENISA, the median cost of a significant security breach in healthcare is €300,000.
A major challenge exacerbating the issue is the underfunding of healthcare institutions, which frequently focus on patient care at the expense of cybersecurity, leaving IT systems exposed.
The insufficient resources to tackle technological vulnerabilities make hospitals inviting targets for cybercriminals.
For example, EU-funded studies have revealed that hospital staff often engage in risky cybersecurity behaviors, like sharing passwords or writing them down, due to work demands.
Wim Hafkamp, head of the Dutch healthcare sector's computer emergency response team, pointed out that healthcare institutions typically encounter a complex technological environment, with resources usually devoted to patient care, sidelining IT security.
Ireland’s recent cyberattack in May 2021, described by officials as 'very, very challenging,' emphasizes the pressing need for improved cyber resilience in healthcare.
To tackle this, the EU aims to promote enhanced information sharing and cooperation among European healthcare systems.
By creating frameworks for the quick exchange of data on cyberattacks, the EU seeks to equip healthcare institutions with tools to swiftly identify threats and respond effectively.
Richard Browne, head of Ireland's cyber agency, stressed the importance of coordinated efforts, suggesting that European-wide initiatives like the EU’s cyber crisis liaison network could serve as models for specialized healthcare cybersecurity programs.
With healthcare increasingly targeted by cybercriminals, the European Commission’s action plan is viewed as a crucial measure in strengthening the sector against future threats.
By offering funding, guidance, and increased collaboration among EU member states, the plan aims to develop a safer and more resilient healthcare system capable of resisting the growing wave of cyber threats.