ENISA: Ransomware Makes Up Over Half of Healthcare Cyber-Threats

A new report from the European Union Cyber Security Agency (ENISA) found that more than half (54%) of all cyberthreats targeting the EU healthcare sector are ransomware.

The EU agency's first-ever cyber threat landscape analysis of the healthcare sector revealed that patient data, such as electronic medical records, was the asset most targeted by ransomware attackers (30%). Additionally, nearly half (46%) of all incidents were aimed at the theft or exposure of healthcare data.

Despite the prevalence of ransomware attacks targeting healthcare organizations, the report found that only 27% of organizations surveyed have a dedicated ransomware defense program in place.

In recent years, ransomware attacks on hospitals have resulted not only in service interruptions but also in patient deaths.

The reporting period from January 2021 to March 2023 covered most of the COVID-19 pandemic, making the healthcare sector a lucrative target for threat actors. There have been multiple leaks of patient data from government COVID-19 systems and laboratories. Insiders, both malicious and accidental, and inadequate security practices were identified as the primary causes of these breaches.

According to ENISA’s analysis, the majority of attacks (83%) were financially motivated, owing to the value of patient data.

However, the authors noted that other groups, such as state-backed groups and hacktivists, were also active during this period. This led to an increase in DDoS attacks against medical institutions, which spiked especially in 2023 when European hospitals and health authorities were targeted by pro-Russian factions.

Overall, 10% of attacks were driven by “ideological motives,” according to the report.

Healthcare providers accounted for over half (53%) of all incidents, with hospitals alone accounting for 42%. Health authorities, organizations and government agencies (14%) and the pharmaceutical industry (9%) were also prime targets.

The most common impact of cyber incidents in the healthcare sector was data breach or theft (43%), followed by disruption of non-medical services (25%) and disruption of medical services (22%).

Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, commented on the findings, saying that healthcare organizations should treat ransomware defense as a top priority.

“Ransomware is such a devastating threat that if a system goes down for an extended period of time, the risk of loss of life can unintentionally increase. It targets time-sensitive systems that need to

“Professionals should be able to recover from ransomware using strong cyber awareness strategies, ransomware-ready backup and recovery plans, and strong access controls with multi-factor authentication (MFA) and privileged access security.

“Similar to health, treating symptoms can be more costly than preventing disease,” Carson explained.
