The European Commission plans to increase funding and enhance threat intelligence to protect healthcare systems from growing cyber threats.
The European Union is poised to introduce an "action plan" designed to bolster the cybersecurity of hospitals and healthcare providers, in response to a surge in cyberattacks that have already caused significant disruptions.
This plan, which the European Commission is expected to present on Wednesday, will propose increased funding for enhancing the technical infrastructure of healthcare facilities, offer guidance on applying current EU cybersecurity regulations, and seek to improve information-sharing practices within the sector.
Cyberattacks have become increasingly common in healthcare systems, with notable incidents reported in Ireland, France, the UK, and Finland, especially since the start of the COVID-19 pandemic.
One particularly troubling incident took place in Germany in 2020, where a cyberattack on a hospital resulted in a fatality, although no charges were ultimately pursued.
In response, the EU aims to allocate more resources to protect the sector from additional attacks, which are frequently executed through ransomware and significantly impact both patient safety and hospital finances.
EU officials, such as Stavros Lambrinidis, the EU ambassador to the UN, have sounded alarms about the growing frequency of ransomware attacks.
Lambrinidis noted that these attacks currently occur every 11 seconds and are anticipated to increase to one attack every two seconds by 2031. Data from the EU's cybersecurity agency ENISA indicates that the median financial impact of a major security breach in healthcare is €300,000.
A major factor exacerbating this issue is the underfunding of numerous healthcare institutions, which often prioritize patient care over cybersecurity, thereby leaving their IT systems vulnerable.
Insufficient resources to address technological vulnerabilities make hospitals enticing targets for cybercriminals.
EU-funded research has revealed that hospital staff often engage in risky cybersecurity behaviors, such as sharing passwords or writing them down, due to the pressures of their daily responsibilities.
Wim Hafkamp, head of the Dutch healthcare sector's computer emergency response team, stated that healthcare institutions frequently encounter a complicated technological environment, with resources usually focused on patient care, relegating IT security to a lesser priority.
Ireland's recent cyberattack experience in May 2021, described by officials as "very, very challenging," highlights the urgent need to improve cyber resilience in the sector.
To tackle this, the EU is concentrating on boosting information exchange and collaboration among European healthcare systems.
By creating frameworks for the swift sharing of data on cyberattacks, the EU aims to equip healthcare institutions with the necessary tools to rapidly identify threats and respond effectively.
Richard Browne, head of Ireland's cyber agency, stressed the importance of coordinated actions, suggesting that European-wide initiatives, such as the EU’s cyber crisis liaison network, could serve as models for healthcare-specific cybersecurity strategies.
With healthcare increasingly targeted by cybercriminals, the European Commission’s action plan is considered a crucial move in strengthening the sector against future threats.
By providing funding, guidance, and enhanced collaboration across EU member states, the plan seeks to establish a safer and more resilient healthcare system capable of countering the mounting wave of cyber threats.