
PAe - ENISA issued its first report on cybersecurity threats in the EU health sector


06 July 2023

The European Union Agency for Cybersecurity (ENISA) has published its first report giving an overview of threats to the health sector.

The analysis maps and comprehensively studies cyberattacks, identifying the main threats, actors, impacts and trends over a period of more than 2 years, and provides valuable information for the healthcare community and policy makers. The analysis is based on a total of 215 publicly reported incidents in the EU and neighbouring countries.

The ENISA report reveals a disturbing reality of the challenges facing the EU health sector during the reporting period.

  • Widespread incidents. The European health sector experienced a significant number of incidents, with healthcare providers accounting for 53 per cent of the total. Hospitals, in particular, were hit the most, with 42 per cent of incidents reported. In addition, health authorities, bodies and agencies (14 per cent) and the pharmaceutical industry (9 per cent) were attacked.

  • Ransomware and data. Ransomware emerged as one of the main threats in the health sector (54 per cent of incidents), and this trend is likely to continue. Only 27 per cent of the organisations surveyed in the health sector have a dedicated defence against ransomware. Driven by financial gain, cybercriminals extort money from both health organisations and patients, threatening to disclose personal or sensitive data. Patient data, including electronic health records, were the most targeted (30 per cent). Alarmingly, almost half of all incidents (46 per cent) were intended to steal or leak the data of health organisations.

  • Impact and lessons learned from the COVID-19 pandemic. It is essential to bear in mind that the reporting period coincided with a significant part of the COVID-19 pandemic era, during which the health sector became a major target for attackers. Financially motivated threat actors, driven by the value of patient data, were responsible for most of the attacks (53 per cent). The pandemic saw multiple cases of data leaks from COVID-19-related systems and testing labs in various EU countries. Poor internal security practices, including misconfigurations, were identified as the main causes of these leaks. These incidents serve as a stark reminder of the importance of sound cybersecurity practices, particularly in times of urgent operational requirements.

  • Vulnerabilities in health systems. Attacks on healthcare supply chains and service providers caused disruptions or losses to healthcare organisations (7 per cent). Such attacks are expected to remain significant in the future, given the risks posed by vulnerabilities in health systems and medical devices. A recent ENISA study revealed that health organisations reported the greatest number of security incidents involving vulnerabilities in software or hardware, with 80 per cent of respondents citing vulnerabilities as the cause of more than 61 per cent of their security incidents.

  • Geopolitical developments and DDoS. Geopolitical developments and hacktivist activity led to an increase in distributed denial-of-service (DDoS) attacks by Russian hacktivist groups against hospitals and health authorities at the beginning of 2023, which accounted for 9 per cent of incidents. While this trend is expected to continue, the real impact of these attacks remains relatively low.

  • The incidents considered in the report had significant consequences for the health sector, mainly data breaches or theft (43 per cent), interrupted medical services (22 per cent) and interrupted services not related to medical care (26 per cent). The report also highlights the financial losses sustained, with the average cost of a major security incident in the health sector estimated at 300,000 euros, according to the ENISA NIS Investment 2022 study.

  • Patient safety emerges as a primary concern for the health community, given the possible delays in triage and treatment caused by cyber incidents.

New report of the NIS Cooperation Group

The NIS Cooperation Group publishes its report today on "Threats and risk management in the health sector – under the NIS Directive". As a first assessment of the measures currently in force, the study sheds light on the various cybersecurity challenges in mitigating the risks facing the EU health sector. Together with relevant taxonomies of threats and incidents, the report sets out business continuity and mitigation recommendations to limit the probability and impact of a cyber incident.

Background and further information

ENISA's threat overview reports map the cyber threat picture to help decision makers, policy makers and security practitioners define strategies to defend citizens and cyberspace.

The content of the report is collected from open sources, such as media articles, expert opinions, intelligence reports, incident analyses and security research reports, as well as through members of ENISA's working group on cyber threats (CTL Working Group).

The analysis and views in ENISA's threat picture are intended to be industry- and vendor-neutral. Information based on OSINT (Open-Source Intelligence) and ENISA's work on situational awareness also helped to document the analysis presented in the report.

Further information

Official source of news

  • Security and protection of Data