The European Commission plans to increase funding and enhance threat intelligence to protect healthcare systems against rising cyber threats.
The European Union is about to reveal an 'action plan' designed to bolster the cybersecurity of hospitals and healthcare providers, addressing the increasing wave of cyberattacks disrupting the sector.
Set to be introduced by the European Commission on Wednesday, the plan will offer additional funding to reinforce the technical infrastructures of healthcare facilities, guidelines for the implementation of existing EU cybersecurity regulations, and enhancements in information-sharing practices within the industry.
Cyberattacks on healthcare systems have become more frequent, with significant incidents in countries like Ireland, France, the UK, and Finland, especially since the COVID-19 pandemic began.
A particularly alarming event took place in Germany in 2020, where a cyberattack on a hospital resulted in a fatality, though charges were eventually dropped.
The EU's response involves allocating more resources to safeguard the sector from further attacks, which often involve ransomware and have extensive impacts on patient safety and hospital finances.
EU representatives, such as Stavros Lambrinidis, the EU ambassador to the UN, have cautioned against the increasing frequency of ransomware attacks. Lambrinidis noted that these attacks now occur every 11 seconds, with predictions that this will escalate to every two seconds by 2031. The EU's cyber agency ENISA estimates the median cost of a major healthcare security breach at €300,000.
A significant factor worsening this issue is the underfunding of many healthcare facilities, which often give priority to patient care over cybersecurity, leaving their IT systems exposed.
The shortage of proper resources to tackle technological vulnerabilities has made hospitals appealing targets for cybercriminals.
For example, EU-backed research has revealed that hospital staff often engage in risky cybersecurity behaviors, such as sharing passwords or writing them down, due to the pressures of their daily tasks.
Wim Hafkamp, leader of the Dutch healthcare sector's computer emergency response team, noted that healthcare institutions frequently navigate a complex technological environment, and resources are usually focused on patient care, sidelining IT security.
Ireland’s recent encounter with a cyberattack in May 2021, which officials termed 'very, very challenging,' highlights the pressing need for enhanced cyber resilience in the sector.
To address this, the EU is concentrating on improving information sharing and collaboration across European healthcare systems.
By developing frameworks for the rapid exchange of data on cyberattacks, the EU aims to equip healthcare institutions with the tools they need to identify threats quickly and take appropriate action.
Richard Browne, head of Ireland's cyber agency, stressed the importance of coordinated efforts, suggesting that Europe-wide initiatives, such as the EU’s cyber crisis liaison network, could serve as templates for healthcare-specific cybersecurity programs.
With healthcare increasingly targeted by cybercriminals, the European Commission’s action plan is viewed as a crucial move toward strengthening the sector against future threats.
By offering funding, guidance, and improved collaboration among EU member states, the plan aims to establish a safer and more resilient healthcare system capable of enduring the escalating wave of cyber threats.