Von der Leyen pledges to tackle ransomware attacks against EU hospitals

Former President of the European Commission Ursula von der Leyenhas pledged to set out a plan to tackle ransomware attacks against healthcare providers within the first 100 days of her second term if re-elected.

The pledge was made in a Strasbourg speech on Thursday ahead of a crucial vote in the European Parliament that will either confirm the former German defense minister’s next five years in office or plunge the EU into a summer crisis searching for a new candidate.

According to the political guidelines Von der Leyen set out on Thursday for the next European Commission — effectively the bloc’s executive — healthcare systems “are increasingly the target of cyber and ransomware attacks.”

The guidelines state: “To improve threat detection, preparedness and crisis response, I will propose a European action plan on the cybersecurity of hospitals and healthcare providers in the first 100 days of the mandate.”

The statement did not set out the details of this plan.

Recent months have seen multiple hospitals across the European Union impacted by cyberattacks, including in Romania, France, Belgium and Spain.

While each member state in the EU is largely responsible for its own security, the cross-border impact of cyberattacks has driven several EU laws in recent years intended to promote cyber solidarity among states and drive up resilience by addressing issues around vulnerable products.

Attacks affecting the healthcare sector have been an issue elsewhere too, particularly in the United Kingdom and United States. While politicians very notably did not campaign on the attacks during Britain’s recent general election, some in the U.S. are pushing for more cybersecurity provisions for the sector.

Von der Leyen said her Commission would “focus on further strengthening our cyber defence capabilities, coordinating national cyber efforts and securing our critical infrastructures — notably by developing a trusted European cyber-defence industry.”

In-line with sanctions measures being taken by the members of the Five Eyes intelligence alliance, Von der Leyen pledged to “work on integrated deterrence” and to “strengthen our strategic approach to sanctions to ensure that we can react flexibly to new threats.”

Specifically, this deterrence “will look at how our sanctions framework against cyberattacks can be expanded and how a new sanctions regime against hybrid attacks on the EU and its Member States could work.”