The European Union Agency for Cybersecurity (ENISA) has released its first cyber threat landscape report for the health sector, revealing that ransomware is responsible for 54% of cybersecurity threats in the industry.
The comprehensive analysis, based on over two years of data from 215 publicly reported incidents in the EU and neighboring countries, provides valuable insights for the healthcare community and policymakers.
According to the report, healthcare providers accounted for 53% of the total incidents, with hospitals being the primary target at 42%. Health authorities, bodies, and agencies were targeted in 14% of incidents, while the pharmaceutical industry accounted for 9% of attacks.
ENISA’s Key Findings
Ransomware emerged as a major threat, comprising 54% of incidents. This trend is expected to continue, as only 27% of surveyed organizations in the health sector have a dedicated ransomware defense program. Cybercriminals are targeting both health organizations and patients, extorting them for financial gain and threatening to disclose personal and sensitive data. Patient data, including electronic health records, were the most frequently targeted assets, accounting for 30% of incidents. Alarmingly, nearly half of all incidents (46%) aimed to steal or leak health organizations’ data.
The report also highlights the impact of the COVID-19 pandemic on the healthcare sector’s cybersecurity. Financially motivated threat actors, recognizing the value of patient data, were responsible for the majority of attacks (53%). Multiple instances of data leakage from COVID-19-related systems and testing laboratories were reported across various EU countries. Insiders and poor security practices, such as misconfigurations, were identified as primary causes of these leaks, emphasizing the importance of robust cybersecurity practices during times of urgent operational needs.
The study also identifies vulnerabilities in healthcare systems as a significant concern. Attacks on healthcare supply chains and service providers resulted in disruptions or losses for health organizations, accounting for 7% of incidents. Vulnerabilities in software or hardware were cited as the cause of more than 61% of security incidents, according to a recent ENISA study.
Additionally, geopolitical developments and hacktivist activity led to a surge in Distributed Denial of Service (DDoS) attacks by pro-Russian hacktivist groups, accounting for 9% of total incidents. While this trend is expected to continue, the actual impact of these attacks remains relatively low.
Consequences
The consequences of these cyber incidents for health organizations were significant, resulting in data breaches or theft (43%), disrupted healthcare services (22%), and disruptions to non-healthcare services (26%). The report also highlights the financial losses incurred, with the median cost of a major security incident estimated at €300,000 according to the ENISA NIS Investment 2022 study.
Patients’ safety emerges as a paramount concern, as cyber incidents have the potential to cause delays in triage and treatment.
The ENISA threat landscape reports aim to assist decision-makers, policymakers, and security specialists in defining strategies to defend citizens, organizations, and cyberspace. The analysis presented in the report is based on open sources, including media articles, expert opinions, intelligence reports, incident analysis, and security research reports.
Read ENISA’s full analysis here.
In conjunction with the ENISA report, the NIS Cooperation Group has released its own report on “Threats and risk management in the health sector – Under the NIS Directive.” This study assesses the current measures in place and provides recommendations for mitigating cybersecurity challenges in the EU health sector.