Cyberattacks have become a huge concern for the healthcare sector, which is the main one affected by this type of threats. The European Commission has detected an increase in attacks, which amounted to 309 in 2023 and Ursula von der Leyen promised to promote an action plan to combat them in the first hundred days of her second term. This Wednesday, the community government presented its proposal, which will reinforce the current legislation on cybersecurity, specific for health centers due to the sensitivity involved in the collection of personal data, in addition to the risks due to delays or traffic jams that they may cause; but it will still take time to get going.
54% of cyber attacks suffered by the healthcare sector are ‘ransomware’, those in which access to confidential data occurs, it is encrypted, making it inaccessible to demand a payment in exchange for the decryption key. According to data from the European Commission, data breaches occurred in 43% of cases and the average cost of each attack reaches 300,000 euros.
Share payment information
What the European Commission wants is for member states to share more information about this type of incidents so that entities can have it much more quickly. Brussels does not dare in its proposal to recommend that entities not pay for the recovery of information, although community sources explain that there is a “commitment” on the part of governments and public administrations not to do so; But they do demand that they be informed if payments occur.
The action plan presented by the Vice President for Technological Sovereignty, Security and Democracy, Henna Virkkunen, and the Commissioner for Health, Olivér Várhelyi, has four fundamental axes: prevention, detection, response to minimize the impact and deterrence in the face of the gaps that European systems have in the health sector, which is especially critical.
In Spain, the Hospital Clínic of Barcelona, one of the largest in Catalonia, was the victim of one of these attacks in March 2023, which forced the postponement of 150 non-urgent surgeries, 3,000 visits to outpatient clinics and between 400 and 500 extractions, as well as such as oncological radiotherapy sessions. The criminals leaked 4.5 terabytes of information and the Generalitat’s conclusion is that it was not prepared for this type of threat.
The main measure of the proposal, which now begins the consultation process with the actors involved and will take until 2026 to be fully implemented, is the establishment of a pan-European support center for hospitals and healthcare providers that will report to the Union Agency European Union for Cybersecurity (ENISA). The center will enable an early warning service on potential cyber threats.
#European #Union #detects #increase #cyber #attacks #hospitals #average #cost #euros
