EU cites HSE hack as it unveils plans for rapid-response cyber unit

Commission vice-president notes ‘worrying trend’ of cyberattacks against health systems

Plans to set up an EU rapid-response cyber unit that could quickly respond to attacks like the recent ransomware hack of the HSE were unveiled. File photograph: Ritchie B Tongo/EPA
Plans to set up an EU rapid-response cyber unit that could quickly respond to attacks like the recent ransomware hack of the HSE were unveiled. File photograph: Ritchie B Tongo/EPA

Plans to set up an EU rapid-response cyber unit that could quickly respond to attacks like the recent ransomware hack of the Health Service Executive (HSE) were unveiled on Wednesday.

Across Europe cyberattacks rose 75 per cent last year, with 756 such incidents logged, including an increasing number of attacks on healthcare systems, representing a growing risk to society with critical infrastructure at stake, according to the European Commission.

"We have a lot of cyber enemies around us," European commissioner Thierry Breton told journalists.

“On May 14th, Ireland’s public healthcare system suffered a pretty strong ransomware attack. I believe it affected a system with more than 80,000 computers, so that was something which was pretty, pretty strong.”

READ SOME MORE

The State co-ordinated with an existing EU information-sharing network of national Computer Security Incident Response Teams to respond to the ransomware attack as soon as it came to light.

But developing a Joint Cyber Unit as announced on Wednesday would allow the EU to send IT experts to swoop in to respond as soon as an attack was detected, the European Commission said.

“What is important is to react even faster . . . and also to deploy very quickly some dedicated team. That, we didn’t do because we have not the capacity today,” Mr Breton said.

“It could have been a very important plus, if we could have sent dedicated experts very quickly to react even faster, because we know that, of course, the longer you wait the worse it is.”

The HSE expects it will take as long as six months to recover from the attack, with many hospital and patient data systems still affected. The cyberattack was part of a growing trend of attacks on critical systems, including on the Colonial Pipeline in the US.

In Belgium, the city of Liège reported a large-scale attack that took out its municipal systems on Tuesday. The European Medicines Agency was hacked in December, and French hospitals have also recently been targeted.

"During the pandemic, we saw a growing and worrying trend of attacks against our health systems, where health data is readily available and interconnected, and offers a target," said European Commission vice-president Margaritis Schinas.

Setting up the unit would take about 18 months, it was estimated.

The commission previously proposed setting up a joint cyber unit in 2019, but qualms by member states about sharing power over national security have stalled progress.

However, Croatia, Estonia, Lithuania, the Netherlands, Poland and Romania have developed joint cyber response teams under the EU defence co-operation framework, Pesco.

Naomi O’Leary

Naomi O’Leary

Naomi O’Leary is Europe Correspondent of The Irish Times