Back
About RSIS
Introduction
Building the Foundations
Welcome Message
Board of Governors
Staff Profiles
Executive Deputy Chairman’s Office
Dean’s Office
Management
Distinguished Fellows
Faculty and Research
Associate Research Fellows, Senior Analysts and Research Analysts
Visiting Fellows
Adjunct Fellows
Administrative Staff
Honours and Awards for RSIS Staff and Students
RSIS Endowment Fund
Endowed Professorships
Career Opportunities
Getting to RSIS
Research
Research Centres
Centre for Multilateralism Studies (CMS)
Centre for Non-Traditional Security Studies (NTS Centre)
Centre of Excellence for National Security (CENS)
Institute of Defence and Strategic Studies (IDSS)
International Centre for Political Violence and Terrorism Research (ICPVTR)
Research Programmes
National Security Studies Programme (NSSP)
Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
Future Issues and Technology Cluster
Research@RSIS Newsletter
Other Research
Science and Technology Studies Programme (STSP) (2017-2020)
Graduate Education
Graduate Programmes Office
Exchange Partners and Programmes
How to Apply
Financial Assistance
Meet the Admissions Team: Information Sessions and other events
RSIS Alumni
Alumni & Networks
Alumni
Asia-Pacific Programme for Senior Military Officers (APPSMO)
Asia-Pacific Programme for Senior National Security Officers (APPSNO)
International Strategy Forum-Asia (ISF-Asia)
SRP Executive Programme
Terrorism Analyst Training Course (TATC)
Publications
RSIS Publications
Annual Reviews
Books
Bulletins and Newsletters
Commentaries
Counter Terrorist Trends and Analyses
Commemorative / Event Reports
IDSS Paper
Interreligious Relations
Monographs
NTS Insight
Policy Reports
Working Papers
RSIS Publications for the Year
Glossary of Abbreviations
External Publications
Authored Books
Journal Articles
Edited Books
Chapters in Edited Books
Policy Reports
Working Papers
Op-Eds
External Publications for the Year
Policy-relevant Articles Given RSIS Award
Media
2024 Indonesia Elections
Great Powers
Sustainable Security
Other Resource Pages
Media Mentions
News Releases
Speeches
Video/Audio Channel
External Podcasts
Events
S. Rajaratnam School of International Studies Think Tank and Graduate School Ponder The Improbable Since 1966
Nanyang Technological University Nanyang Technological University
  • About RSIS
      IntroductionBuilding the FoundationsWelcome MessageBoard of GovernorsHonours and Awards for RSIS Staff and StudentsRSIS Endowment FundEndowed ProfessorshipsCareer OpportunitiesGetting to RSIS
      Staff ProfilesExecutive Deputy Chairman’s OfficeDean’s OfficeManagementDistinguished FellowsFaculty and ResearchAssociate Research Fellows, Senior Analysts and Research AnalystsVisiting FellowsAdjunct FellowsAdministrative Staff
  • Research
      Research CentresCentre for Multilateralism Studies (CMS)Centre for Non-Traditional Security Studies (NTS Centre)Centre of Excellence for National Security (CENS)Institute of Defence and Strategic Studies (IDSS)International Centre for Political Violence and Terrorism Research (ICPVTR)
      Research ProgrammesNational Security Studies Programme (NSSP)Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
      Future Issues and Technology ClusterResearch@RSIS Newsletter
      Other ResearchScience and Technology Studies Programme (STSP) (2017-2020)
  • Graduate Education
      Graduate Programmes OfficeExchange Partners and ProgrammesHow to Apply
      Financial AssistanceMeet the Admissions Team: Information Sessions and other eventsRSIS Alumni
  • Alumni & Networks
      AlumniAsia-Pacific Programme for Senior Military Officers (APPSMO)Asia-Pacific Programme for Senior National Security Officers (APPSNO)
      International Strategy Forum-Asia (ISF-Asia)SRP Executive ProgrammeTerrorism Analyst Training Course (TATC)
  • Publications
      RSIS PublicationsAnnual ReviewsBooksBulletins and NewslettersCommentariesCounter Terrorist Trends and AnalysesCommemorative / Event ReportsIDSS PaperInterreligious RelationsMonographsNTS InsightPolicy ReportsWorking PapersRSIS Publications for the Year
      External PublicationsAuthored BooksJournal ArticlesEdited BooksChapters in Edited BooksPolicy ReportsWorking PapersOp-EdsExternal Publications for the Year
      Glossary of AbbreviationsPolicy-relevant Articles Given RSIS Award
  • Media
      2024 Indonesia ElectionsGreat PowersSustainable SecurityOther Resource PagesMedia Mentions
      News ReleasesSpeechesVideo/Audio ChannelExternal Podcasts
  • Events
    • Connect with Us

      rsis.ntu
      rsis_ntu
      rsisntu
      rsisvideocast
      school/rsis-ntu
      rsis.sg
      RSIS
      RSS
      Subscribe to RSIS Publications
      Subscribe to RSIS Events

      Getting to RSIS

      Nanyang Technological University
      Block S4, Level B3,
      50 Nanyang Avenue,
      Singapore 639798

      Click here for direction to RSIS

      Get in Touch

    Connect
    Search
    • RSIS
    • Publication
    • RSIS Publications
    • Global Health Security: COVID-19 and Its Impacts – Cyber Attacks on Healthcare Systems: Infrastructure Protection Critical
    • Annual Reviews
    • Books
    • Bulletins and Newsletters
    • Commentaries
    • Counter Terrorist Trends and Analyses
    • Commemorative / Event Reports
    • IDSS Paper
    • Interreligious Relations
    • Monographs
    • NTS Insight
    • Policy Reports
    • Working Papers
    • RSIS Publications for the Year

    CO20103 | Global Health Security: COVID-19 and Its Impacts – Cyber Attacks on Healthcare Systems: Infrastructure Protection Critical
    Tan E Guang Eugene

    22 May 2020

    download pdf
    RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical and contemporary issues. The authors’ views are their own and do not represent the official position of the S. Rajaratnam School of International Studies (RSIS), NTU. These commentaries may be reproduced with prior permission from RSIS and due credit to the author(s) and RSIS. Please email to Editor RSIS Commentary at [email protected].

    SYNOPSIS

    Healthcare systems all over the world are being subject to attacks even as the fight against COVID-19 rages on. States need to take critical infrastructure protection – like healthcare systems – more seriously.

    COMMENTARY

    ON 16 APRIL 2020, Czech authorities warned its international allies of “imminent, large scale attacks on hospitals”. They know the effects of such an operation. Brno University Hospital, the second largest hospital in Czech Republic, has had to reschedule operations, relocate patients, and delay some COVID-19 test results due to a cyberattack in mid-March 2020.

    EUROPOL has confirmed that almost all of its 27 member countries have reported intensifying cyberattacks on its healthcare systems. Criminal hacker groups have demanded ransom from hospitals dealing with overload from coronavirus patients by locking their patient records, and threatening to publish these records online. This causes further unwanted strain on healthcare systems. This trend of cyberattacks done by criminal hacker groups and possibly state-sponsored actors is set to continue.

    Harnessing Cyber Norms

    Hospitals and healthcare providers were prime targets even before COVID-19 because cyber security was not prioritised. In light of COVID-19, cyber security concerns may have been further deprioritised because of the lack of capacity in dealing with the pandemic. Consequently, healthcare providers are under immense pressure to pay ransoms.

    There is a reason why these are termed as critical infrastructure, and states have an obligation to protect them. These obligations include honouring those previously agreed to ensure normative responsible state behaviour in cyberspace. There have been several processes like the Global Commission on Cyber Stability (GCSC) and the Paris Call that have proposed norms to protect critical infrastructure and the core of the Internet.

    But none of these processes have the multilateral standing of the norms those recommended by the United Nations Group of Governmental Experts (UNGGE) in 2015, later endorsed by all the United Nations member states.

    Among other things, United Nations member states agreed to protect their critical infrastructure (which in most states included healthcare); not allowing their territory to be used for internationally wrongful acts using information and communications technologies (ICTs); not supporting any ICT activity that damages the critical infrastructure of another state; for states to respond to appropriate requests for assistance by another state when it is subject to malicious ICT acts; and, for states to cooperate against cybercrime (such as ransomware attacks) and terrorism.

    All For One, One For All

    These obligations therefore call upon states to cooperate among themselves to prevent these cyberattacks from taking place from within their territory and share information with other states on impending cyberattacks.

    These norms are particularly relevant now against the COVID-19 scourge that affects all states. States should be clear-minded that the COVID-19 pandemic does not respect state boundaries or geopolitics, seniority or youth. Healthcare systems around the world should be afforded the protection to prevent the further spread of the COVID-19.

    As seen with many states badly affected by COVID-19, death rates in an overwhelmed healthcare system are exponentially higher than those that have spare capacity, and every ounce in capacity is needed to deal with the pandemic.

    COVID-19 arguably represents the best opportunity for UN member states to cooperate in line with the agreed cyber norms, to build confidence and capacity among states, and strengthen adherence to these obligations to combat a common foe.

    What Can Governments Do?

    Confidence and capacity building measures to ensure stability in cyberspace can be undertaken domestically and internationally. Domestically, governments can take basic steps by increasing resources to mitigate cyberattacks. Some states have in the past allowed cybercriminals to operate discreetly in their territory, with hope that their expertise may be utilised in other strategic operations.

    But this practice should now be stopped in light of COVID-19. Cyber criminals in any given territory that target the healthcare sector in any other state should not be sheltered or tolerated and should face harsh penalties because there are lives at stake.

    International actions are more complex and require political will to execute. The 2015 norms are silent on how cooperation among member states should look like. The decision to implement cooperation is left largely to the states. But in the face of a global pandemic, the urgency of the circumstance should lend itself to a deeper and more meaningful cooperation.

    In short, UN member states should hold each other accountable to these cyber norms of behaviour. They should increase resource allocation to cybersecurity protection and share best practices and timely information (like the Czechs), so that critical infrastructure like healthcare can function unhindered.

    Any state that carries out or enables others to carry out cyber operations on other states’ healthcare systems during this crisis must be aware of the potential for huge loss of life, which may amount to an act of war. States should therefore be called upon as responsible state actors to cooperate in investigating, locating, arresting, and prosecuting cybercriminals who use the lack of international agreements to evade capture.

    Post-COVID-19: Improving State Behaviour in Cyberspace

    The COVID-19 pandemic shows the importance of governments to be able to protect their critical infrastructure from malicious actors. Governments can do much more, especially after the pandemic, in order to ensure cyberspace remains safe and secure.

    States need to work harder towards cooperation. The two processes – the Open-ended Working Group (OEWG) and the latest round of the UNGGE – on international security with regard to cyberspace at the United Nations are prime avenues for such cooperation to take place. When these meetings resume after the COVID-19 crisis subsides, states should strongly consider strengthening the application of norms around critical infrastructure protection.

    This includes taking swift and firm action against malicious threat actors (cybercriminals or state-sponsored actors) in cooperation with each other; collectively protecting critical infrastructure around the world; and voicing out acts of irresponsible behaviour by states. Capacity and confidence building measures in cyberspace to ensure that critical infrastructure around the world would also be welcome to better equip all states with the means to tackle future crises.

    To ensure that no crisis is ever wasted, UN member states can use the COVID-19 crisis to rally around these issues on the universal applicability of norms. They should also build capacity and confidence among themselves to strengthen critical infrastructure protection to better guide the behaviour of states in cyberspace.

    This momentum may lead us to a safer and more stable cyberspace. Failing to do so fails the entire population that rely on critical infrastructure for survival.

    About the Author

    Eugene EG Tan is Associate Research Fellow at the Centre of Excellence for National Security (CENS), a constituent unit of the S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University (NTU), Singapore. This commentary by the CENS/FIT (Future Issues & Technology) research cluster is part of an RSIS Series.

    Categories: Commentaries / Country and Region Studies / Non-Traditional Security / East Asia and Asia Pacific / Global / South Asia / Southeast Asia and ASEAN

    Last updated on 20/08/2020

    comments powered by Disqus
    "Cyber Attacks on Healthcare Systems: Infrastructure Protection Critical" by Eugene Tan
    Eugene Tan, associate research fellow with the Centre of Excellence for National Security at RSIS, observes how healthcare systems all over the world are being subject to attacks even as the fight against COVID-19 rages on. States need to take critical infrastructure protection – like healthcare systems – more seriously. In this podcast, he shares how states can cooperate among themselves to prevent these cyberattacks.
    RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical and contemporary issues. The authors’ views are their own and do not represent the official position of the S. Rajaratnam School of International Studies (RSIS), NTU. These commentaries may be reproduced with prior permission from RSIS and due credit to the author(s) and RSIS. Please email to Editor RSIS Commentary at [email protected].

    SYNOPSIS

    Healthcare systems all over the world are being subject to attacks even as the fight against COVID-19 rages on. States need to take critical infrastructure protection – like healthcare systems – more seriously.

    COMMENTARY

    ON 16 APRIL 2020, Czech authorities warned its international allies of “imminent, large scale attacks on hospitals”. They know the effects of such an operation. Brno University Hospital, the second largest hospital in Czech Republic, has had to reschedule operations, relocate patients, and delay some COVID-19 test results due to a cyberattack in mid-March 2020.

    EUROPOL has confirmed that almost all of its 27 member countries have reported intensifying cyberattacks on its healthcare systems. Criminal hacker groups have demanded ransom from hospitals dealing with overload from coronavirus patients by locking their patient records, and threatening to publish these records online. This causes further unwanted strain on healthcare systems. This trend of cyberattacks done by criminal hacker groups and possibly state-sponsored actors is set to continue.

    Harnessing Cyber Norms

    Hospitals and healthcare providers were prime targets even before COVID-19 because cyber security was not prioritised. In light of COVID-19, cyber security concerns may have been further deprioritised because of the lack of capacity in dealing with the pandemic. Consequently, healthcare providers are under immense pressure to pay ransoms.

    There is a reason why these are termed as critical infrastructure, and states have an obligation to protect them. These obligations include honouring those previously agreed to ensure normative responsible state behaviour in cyberspace. There have been several processes like the Global Commission on Cyber Stability (GCSC) and the Paris Call that have proposed norms to protect critical infrastructure and the core of the Internet.

    But none of these processes have the multilateral standing of the norms those recommended by the United Nations Group of Governmental Experts (UNGGE) in 2015, later endorsed by all the United Nations member states.

    Among other things, United Nations member states agreed to protect their critical infrastructure (which in most states included healthcare); not allowing their territory to be used for internationally wrongful acts using information and communications technologies (ICTs); not supporting any ICT activity that damages the critical infrastructure of another state; for states to respond to appropriate requests for assistance by another state when it is subject to malicious ICT acts; and, for states to cooperate against cybercrime (such as ransomware attacks) and terrorism.

    All For One, One For All

    These obligations therefore call upon states to cooperate among themselves to prevent these cyberattacks from taking place from within their territory and share information with other states on impending cyberattacks.

    These norms are particularly relevant now against the COVID-19 scourge that affects all states. States should be clear-minded that the COVID-19 pandemic does not respect state boundaries or geopolitics, seniority or youth. Healthcare systems around the world should be afforded the protection to prevent the further spread of the COVID-19.

    As seen with many states badly affected by COVID-19, death rates in an overwhelmed healthcare system are exponentially higher than those that have spare capacity, and every ounce in capacity is needed to deal with the pandemic.

    COVID-19 arguably represents the best opportunity for UN member states to cooperate in line with the agreed cyber norms, to build confidence and capacity among states, and strengthen adherence to these obligations to combat a common foe.

    What Can Governments Do?

    Confidence and capacity building measures to ensure stability in cyberspace can be undertaken domestically and internationally. Domestically, governments can take basic steps by increasing resources to mitigate cyberattacks. Some states have in the past allowed cybercriminals to operate discreetly in their territory, with hope that their expertise may be utilised in other strategic operations.

    But this practice should now be stopped in light of COVID-19. Cyber criminals in any given territory that target the healthcare sector in any other state should not be sheltered or tolerated and should face harsh penalties because there are lives at stake.

    International actions are more complex and require political will to execute. The 2015 norms are silent on how cooperation among member states should look like. The decision to implement cooperation is left largely to the states. But in the face of a global pandemic, the urgency of the circumstance should lend itself to a deeper and more meaningful cooperation.

    In short, UN member states should hold each other accountable to these cyber norms of behaviour. They should increase resource allocation to cybersecurity protection and share best practices and timely information (like the Czechs), so that critical infrastructure like healthcare can function unhindered.

    Any state that carries out or enables others to carry out cyber operations on other states’ healthcare systems during this crisis must be aware of the potential for huge loss of life, which may amount to an act of war. States should therefore be called upon as responsible state actors to cooperate in investigating, locating, arresting, and prosecuting cybercriminals who use the lack of international agreements to evade capture.

    Post-COVID-19: Improving State Behaviour in Cyberspace

    The COVID-19 pandemic shows the importance of governments to be able to protect their critical infrastructure from malicious actors. Governments can do much more, especially after the pandemic, in order to ensure cyberspace remains safe and secure.

    States need to work harder towards cooperation. The two processes – the Open-ended Working Group (OEWG) and the latest round of the UNGGE – on international security with regard to cyberspace at the United Nations are prime avenues for such cooperation to take place. When these meetings resume after the COVID-19 crisis subsides, states should strongly consider strengthening the application of norms around critical infrastructure protection.

    This includes taking swift and firm action against malicious threat actors (cybercriminals or state-sponsored actors) in cooperation with each other; collectively protecting critical infrastructure around the world; and voicing out acts of irresponsible behaviour by states. Capacity and confidence building measures in cyberspace to ensure that critical infrastructure around the world would also be welcome to better equip all states with the means to tackle future crises.

    To ensure that no crisis is ever wasted, UN member states can use the COVID-19 crisis to rally around these issues on the universal applicability of norms. They should also build capacity and confidence among themselves to strengthen critical infrastructure protection to better guide the behaviour of states in cyberspace.

    This momentum may lead us to a safer and more stable cyberspace. Failing to do so fails the entire population that rely on critical infrastructure for survival.

    About the Author

    Eugene EG Tan is Associate Research Fellow at the Centre of Excellence for National Security (CENS), a constituent unit of the S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University (NTU), Singapore. This commentary by the CENS/FIT (Future Issues & Technology) research cluster is part of an RSIS Series.

    Categories: Commentaries / Country and Region Studies / Non-Traditional Security

    Last updated on 20/08/2020

    Popular Links

    About RSISResearch ProgrammesGraduate EducationPublicationsEventsAdmissionsCareersVideo/Audio ChannelRSIS Intranet

    Connect with Us

    rsis.ntu
    rsis_ntu
    rsisntu
    rsisvideocast
    school/rsis-ntu
    rsis.sg
    RSIS
    RSS
    Subscribe to RSIS Publications
    Subscribe to RSIS Events

    Getting to RSIS

    Nanyang Technological University
    Block S4, Level B3,
    50 Nanyang Avenue,
    Singapore 639798

    Click here for direction to RSIS

    Get in Touch

      Copyright © S. Rajaratnam School of International Studies. All rights reserved.
      Privacy Statement / Terms of Use
      Help us improve

        Rate your experience with this website
        123456
        Not satisfiedVery satisfied
        What did you like?
        0/255 characters
        What can be improved?
        0/255 characters
        Your email
        Please enter a valid email.
        Thank you for your feedback.
        This site uses cookies to offer you a better browsing experience. By continuing, you are agreeing to the use of cookies on your device as described in our privacy policy. Learn more
        OK
        Latest Book
        more info