Cybersecurity Report: Growing Risks in Healthcare


The European Union Agency for Cybersecurity (ENISA) has released its first report on cyber threats in the healthcare sector. The report analyzed 215 publicly reported incidents from January 2021 to March 2023 in the EU, as well as neighboring countries. It’s worth noting that the database only includes incidents that were made known to the media. Healthcare organizations in the EU are required to report cybersecurity incidents to national authorities under the NIS Directive. ENISA aims to create a high level of network and information security throughout Europe.

The report found that the main targets of cyberattacks were hospitals, followed by health authorities/organizations/agencies, the pharmaceutical industry, health research, and health service providers and suppliers. The number of ransomware incidents has been steadily increasing since 2021, not only in the healthcare sector but also in other industries. Data threats include deliberate attacks to obtain data (data breach) as well as data leaks caused by misconfigurations, vulnerabilities, or human error. DDoS attacks against healthcare organizations also increased during the reporting period.

Most attacks in the healthcare sector come from financially motivated cybercriminals who target highly sensitive personal health data. These perpetrators often threaten to publish the data if a ransom is not paid, putting both health organizations and patients at risk. The report briefly outlines some groups of perpetrators but fails to mention relevant ransomware groups that specialize in the healthcare sector.

The report highlights the challenge of IT security in medical devices and its potential impact on patient safety and data protection. The use of proprietary software and unpatched systems is common in the healthcare sector, making hospital IT vulnerable. The report concludes with key recommendations for the healthcare industry, including educating and training staff, conducting regular vulnerability scans, keeping systems and programs up to date, implementing secure authentication for remote access, and practicing the right behavior in emergencies. The commitment of executives or management to cybersecurity is also crucial.

It is crucial to improve the security situation in the digitized healthcare system worldwide. Recent examples, such as the database theft from HCA Healthcare in the US and the ransomware attack on the Barts Health NHS Trust Fund in England, highlight the urgent need for better cybersecurity measures in the healthcare sector. Cyberattacks can lead to data breaches, disruptions in the healthcare system, and even the closure of health facilities. Both the authorities and the affected organizations are still investigating these incidents.
