Content Assessment: Digital Disease? The Ongoing Cyber Threat to EU's Health Sector
Information - 94%
Insight - 95%
Relevance - 93%
Objectivity - 93%
Authority - 94%
A short percentage-based assessment of the qualitative benefit of the recent report by the European Union Agency for Cybersecurity (ENISA) on the threat landscape for the health sector.
Editor’s Note: The European Union Agency for Cybersecurity, ENISA, is the EU agency dedicated to achieving a high common level of cybersecurity across Europe. Established in 2004 and strengthened by the EU Cybersecurity Act, ENISA contributes to EU cyber policy, enhances the trustworthiness of ICT products, services, and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow. Through knowledge sharing, capacity building, and awareness raising, the agency works together with its key stakeholders to strengthen trust in the connected economy, to boost resilience of the EU’s infrastructure, and, ultimately, to keep Europe’s society and citizens digitally secure. The recent ENISA report, “ENISA Threat Landscape: Health Sector,” may serve as a critical resource for cybersecurity, information governance, and eDiscovery professionals and, by incorporating the insights and recommendations from this report into their practices, professionals in these fields can benefit from the consideration of the cybersecurity challenges faced by the EU health sector.
Background Note: The European Union Agency for Cybersecurity (ENISA) has published its inaugural study analyzing the cyber threat landscape in the health sector across the European Union. Spanning a two-year period from January 2021 to March 2023, this report provides crucial insight into the security challenges faced by this critical sector. During a time when the healthcare sector was grappling with the Covid-19 pandemic, it was simultaneously battling an increased wave of cyberattacks. The report details the predominant role of ransomware attacks and data-related threats, drawing attention to the vulnerability of patient data, particularly in Covid-19-related systems. The report also presents sobering statistics about the healthcare sector’s preparedness, with only a small percentage of organizations having dedicated cybersecurity measures in place. Given the significant disruption and financial cost of these cyber incidents, the report underscores the urgent need for comprehensive cybersecurity strategies. These insights provide an important starting point for discussing securing the health sector against the increasing threat of cyberattacks, especially in a post-pandemic world where the reliance on digital systems in healthcare has only increased.
ENISA Threat Landscape: Health Sector
European Union Agency for Cybersecurity (ENISA)
In the two-year span from January 2021 to March 2023, the health sector of the European Union found itself on the frontline of an increasing wave of cyberattacks, according to the first analysis of this kind conducted by the European Union Agency for Cybersecurity (ENISA). Hospitals and healthcare providers bore the brunt of these assaults, with 53% and 42% of total incidents, respectively, while health authorities, agencies, and the pharmaceutical industry also found themselves under siege.
A significant proportion of these incidents, about 54%, were ransomware attacks, often with a devastating double impact: not only did they hold essential systems and data to ransom, but they frequently resulted in data breaches or thefts, with a staggering 43% of ransomware incidents coupled in this way. Data-related threats were rampant, constituting almost half of the total incidents.
The Covid-19 pandemic became a theatre of operations for cybercriminals, who seized the opportunity to exploit vulnerabilities in health systems under strain. The health sector became a prime target, with attackers, predominantly ransomware threat actors, driven by the prospect of financial gain. These actors honed in on patient data, especially from Covid-19-related systems and testing laboratories, targeting these assets in 30% of all incidents during this period.
Data leaks were often the result of poor security practices and misconfigurations, or worse, the collaboration of malicious insiders. These failures underscored the urgency of improved cybersecurity practices. Meanwhile, attacks on the healthcare supply chain and service providers accounted for 7% of total incidents, causing serious disruptions or losses. This trend is expected to persist, especially with vulnerabilities in healthcare systems and medical devices posing additional risks.
Geopolitical developments sparked an increase in Distributed Denial of Service (DDoS) attacks in early 2023, reaching 9% of total incidents. Pro-Russian hacktivist groups were particularly active, launching a wave of attacks on hospitals and health authorities in the EU.
The impacts of these incidents were severe, leading to data breaches or theft in 43% of cases and causing disruption to healthcare services in 22% of incidents. The cost of these attacks was substantial, with a single major security incident incurring a median cost of €300,000. Reputational damage and sanctions imposed by data protection authorities only compounded these direct costs.
Sadly, the preparedness of health sector organizations was lacking. Only 27% had a dedicated ransomware defense program in place, and 40% of original equipment suppliers lacked any security awareness program for non-IT staff. An overwhelming 95% of health organizations faced challenges when performing risk assessments, and 46% had never even performed a risk analysis.
These findings underscore the pressing need for comprehensive cybersecurity measures, including offline encrypted backups, training programs, stronger authentication methods, cyber incident response plans, and contingency plans. As the sector moves forward in the digital age, the commitment of senior management is crucial in ensuring such practices are adopted, and the sector’s defenses are bolstered.
ENISA Health Sector Threat Landscape – July 2023
*Shared with permission under Creative Commons – Attribution 4.0 International (CC BY 4.0) – license.
- International Cyber Law in Practice: Interactive Toolkit
- Defining Cyber Discovery? A Definition and Framework
Generative Artificial Intelligence and Large Language Model Use
ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude 2, Midjourney, and DALL-E3, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).
ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.
Have a Request?
If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.
ComplexDiscovery is a distinguished digital publication that delivers journalistic insights into cybersecurity, information governance, and eDiscovery developments and technologies. It adeptly navigates the intersection of these sectors with international business and current affairs, transforming relevant developments into informational news stories. This unique editorial approach enables professionals to gain a broader perspective on the intricacies of the digital landscape for informed strategic decision-making.
Incorporated in Estonia, a nation celebrated for its digital innovation, ComplexDiscovery OÜ adheres to the most rigorous standards of journalistic integrity. The publication diligently analyzes global trends, assesses technological breakthroughs, and offers in-depth appraisals of services involving electronically stored information. By contextualizing complex legal technology issues within the broader narrative of worldwide commerce and current events, ComplexDiscovery provides its readership with indispensable insights and a nuanced understanding of the eDiscovery industry.