Source GOV.IE , ENSIA
The National Cyber Security Centre (NCSC), the Health Service Executive (HSE) and a number of hospitals and pharmaceutical providers have participated in a large-scale European cyber exercise.
The exercise tested participants’ response to a simulated major cyber-attack on health services and infrastructures in Europe.
Taking place over 2 days the exercise assessed participants’ ability to respond to disinformation campaigns and cyber-attacks targeting European hospital networks. The exercise involved a simulated scenario whereby a cyber-attack escalated into an EU-wide cyber crisis, with the threat of personal medical data being released.
The Executive Director of the EU Agency for Cybersecurity, Juhan Lepassaar, said:
“The complexity of our challenges is now proportionate to the complexity of our connected world. This is why I strongly believe we need to gather all the intelligence we have in the EU to share our expertise and knowledge. Strengthening our cybersecurity resilience is the only way forward if we want to protect our health services and infrastructures and ultimately the health of all EU citizens.”
Commenting on the Cyber Exercise, the NCSC’s Head of Engagement, Joseph Stephens, said:
“The scenario developed by ENISA was realistic, but also complex and challenging. Having dealt with a real-life cyber incident affecting the health sector – during the HSE ransomware attack in 2021 – the NCSC was well placed to deploy a lot of the lessons learned. The scenario, which involved serious attacks across the entire EU, also allowed us to exercise and coordinate with our partners through EU Cyber Crisis Networks, leaving us better prepared to collaborate during any real-life situations.”
A detailed analysis will now take place, following the exercise, to identify any gaps or scope for further capacity-building. The After Action Report findings will serve as a basis for future guidance and further enhancements – to reinforce the resilience of the healthcare sector against cyber-attacks in the EU.
The Irish organisations that participated in this ‘Cyber Europe’ exercise were the: National Cyber Security Centre (NCSC); Department of Health; Health Service Executive (HSE); Mater Misericordiae University Hospital; St James’s Hospital; National Ambulance Service; Irish Blood Transfusion Service (IBTS); St Vincent's Healthcare Group; and Marken.
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
C/O David Cahill
Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland