Healthcare systems have become prime targets for cyberattacks, with 71% of incidents in Europe focusing on hospitals and medical facilities. In 2023 alone, the European Union recorded 309 significant cyber incidents in the healthcare sector, outpacing all other critical infrastructure sectors in the region.
Cyberattacks: Sources of Cyber Threats
Government officials have identified Russia and China as the primary sources of these malicious attacks. However, hackers from India, Pakistan, and other nations have also been implicated in the rising tide of cyber threats. The European Commission has noted a worrying trend where ransomware attacks are particularly prevalent, with a strong emphasis on disrupting healthcare services.
Ransomware’s Dominance in Healthcare Cyber Incidents
Ransomware has emerged as a significant threat, accounting for 54% of all analysed cybersecurity incidents in the healthcare sector from 2021 to 2023. These attacks typically target personal patient data, disrupt healthcare services, and exploit financial vulnerabilities through breaches of medical devices and data systems. Notably, financial motivation drives 83% of these attacks, with the value of healthcare data being a key factor.
Impact on Patient Care
A report by the European Commission in 2024 found that 71% of the attacks affecting patient care involved ransomware. These incidents can lead to delayed treatment, hinder accurate diagnosis, and restrict access to emergency services. The European Commission’s action plan highlights the severe implications of ransomware, stating that such attacks can jeopardise patient safety and violate fundamental rights regarding personal data protection.
Strengthening Cybersecurity in Healthcare
To combat these escalating threats, the European Commission has developed a comprehensive action plan aimed at enhancing the resilience of healthcare systems. This plan focuses on four core pillars: prevention, detection, response, and deterrence of cyberattacks. The increasing digitalisation of healthcare systems has expanded potential vulnerabilities, making it essential for hospitals to fortify their cybersecurity measures.
Collaborative Initiatives Across Europe
In a recent parliamentary session, representatives from Cyprus’s Health Ministry and other relevant authorities discussed their participation in the EU cybersecurity initiative. This announcement aligns with the European Action Plan, which aims to bolster prevention, detection, response, and recovery strategies against cyber threats. The plan also advocates for the establishment of a European Support Centre and an early warning system to enhance cooperation among states, healthcare providers, and industry stakeholders.
