The European Commission plans to increase funding and enhance threat intelligence to protect healthcare systems from the growing risk of cyber threats.
The European Union plans to introduce an 'action plan' to strengthen the cybersecurity of hospitals and healthcare providers, as the sector grapples with an increasing number of cyberattacks causing significant disruptions.
Set to be revealed by the European Commission on Wednesday, the plan will offer additional funding to bolster healthcare institutions' technical infrastructure, guidance on implementing existing EU cybersecurity regulations, and enhancements to information-sharing practices across the industry.
Cyberattacks on healthcare systems are becoming more frequent, with significant incidents reported in countries like Ireland, France, the UK, and Finland, particularly since the COVID-19 pandemic began.
One of the most alarming cases occurred in 2020 in Germany, where a hospital cyberattack resulted in a fatality, although charges were later dismissed.
In response, the EU aims to allocate more resources to shield the sector from future attacks, which often involve ransomware and have serious implications for patient safety and hospital finances.
EU officials, including Stavros Lambrinidis, the EU ambassador to the UN, have cautioned about the rising frequency of ransomware attacks.
Lambrinidis noted that these attacks occur every 11 seconds and may increase to every two seconds by 2031. According to ENISA, the EU's cyber agency, the median cost of a major security breach in healthcare is €300,000.
A significant issue worsening the situation is the underfunding of many healthcare institutions, which often prioritize patient care over cybersecurity, leaving IT systems vulnerable.
The lack of sufficient resources to tackle technological vulnerabilities has made hospitals attractive targets for cybercriminals.
For instance, EU-funded research has indicated that hospital staff often engage in unsafe cybersecurity practices, like sharing or writing down passwords, due to the demands of their daily tasks.
Wim Hafkamp, leader of the Dutch healthcare sector's computer emergency response team, pointed out that healthcare institutions frequently encounter a complex technological landscape, with resources typically focused on patient care, sidelining IT security.
Ireland's recent struggle with a cyberattack in May 2021, described by officials as 'very, very challenging,' further highlights the urgent need for improved cyber resilience in the sector.
To combat this, the EU is concentrating on advancing information sharing and cooperation across European healthcare systems.
By creating frameworks for the swift exchange of data on cyberattacks, the EU aims to equip healthcare institutions with the necessary tools to promptly identify threats and respond effectively.
Richard Browne, head of Ireland's cyber agency, stressed the importance of coordinated actions, suggesting that Europe-wide initiatives, like the EU’s cyber crisis liaison network, could serve as examples for healthcare-specific cybersecurity programs.
With healthcare increasingly targeted by cybercriminals, the European Commission’s action plan is regarded as a crucial step in reinforcing the sector against future threats.
By offering funding, guidance, and improved collaboration across EU member states, the plan seeks to cultivate a safer and more resilient healthcare system capable of withstanding the rising wave of cyber threats.