The European Union Agency for Cybersecurity (ENISA) has published its first cyber threat landscape report focused on the health sector. The report analyzes 215 publicly reported incidents in the EU and neighboring countries over a two-year period to identify key threats, threat actors, and trends.
It reveals that ransomware attacks account for 54% of cybersecurity threats in the health sector, while a significant portion of incidents targeted patient data and involved financial motivations.
According to the report, healthcare providers experienced the highest number of incidents, accounting for 53% of the total. Hospitals were the primary target at 42%, followed by health authorities, bodies, and agencies at 14%, and the pharmaceutical industry at 9%. Patient data, including electronic health records, was the most targeted asset, accounting for 30% of incidents, with nearly half of all incidents aiming to steal or leak data from health organizations.
The report also points out the increase in Distributed Denial of Service (DDoS) attacks carried out by pro-Russian hacktivist groups like Killnet. Additionally, the COVID-19 pandemic’s timing played a role in the surge of attacks against healthcare organizations. The incidents highlighted the importance of robust cybersecurity practices, particularly in times of urgent operational needs.
Attacks on healthcare supply chains and service providers resulted in disruptions or losses for 7% of health organizations. ENISA stresses the need for a high common level of cybersecurity in the healthcare sector to ensure safe operations. The report emphasizes the significance of understanding risks, attack surfaces, and vulnerabilities specific to the sector.
Access to incident reporting data is essential for visualizing and comprehending the cyber threat environment and implementing appropriate mitigation measures. The report reveals that the median cost of a significant security incident in the health sector is estimated at €300,000, highlighting the financial implications of cyberattacks in the industry.