The State’s cybersecurity body and the HSE took part in a European-wide simulated attack on health services this week — just over a year from the start of the devastating real-life attack on HSE systems.
The National Cyber Security Centre (NCSC), together with the HSE and a number of hospitals and pharmacy companies, participated in a large-scale simulation organised by the European Cyber Security Agency (ENISA).
Some 29 countries and over 800 cybersecurity experts took part in the Cyber Europe event. The exercise involved a simulated scenario whereby a cyber-attack escalated into an EU-wide cyber crisis, with the threat of personal medical data being released.
Commenting on the Cyber Exercise, the NCSC’s Head of Engagement, Joseph Stephens, said:
“The scenario developed by ENISA was realistic, but also complex and challenging. Having dealt with a real-life cyber incident affecting the health sector – during the HSE ransomware attack in 2021 – the NCSC was well placed to deploy a lot of the lessons learned. The scenario, which involved serious attacks across the entire EU, also allowed us to exercise and coordinate with our partners through EU Cyber Crisis Networks, leaving us better prepared to collaborate during any real-life situations.”
A detailed analysis will now take place, following the exercise, to identify any gaps or scope for further capacity-building. The After Action Report findings will serve as a basis for future guidance and further enhancements – to reinforce the resilience of the healthcare sector against cyber-attacks in the EU.