Cyberattacks on EU hospitals

Samuel Stolton made this Informationsfreiheit request to Computer Emergency Response Team

Automatic anti-spam measures are in place for this older request. Please let us know if a further response is expected or if you are having trouble responding.

Die Anfrage wurde abgelehnt durch Computer Emergency Response Team.

Dear Computer Emergency Response Team,

Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:

- Any communication between hospitals or health authorities in the European Union and CERT, since the start of the year (January 1st 2020). This could include but is not limited to, e-mails, text messages, basis documents, memos or drafts.

- Any documentation transmitted between EU member states and CERT since the start of the year (January 1st 2020), detailing information on national cyber attacks, cyber threats, weaknesses of cybersecurity systems, across EU health bodies or hospitals.

- Any notification communicated from any public body within the EU to CERT, concerning cyberattacks to hospitals or health authorities in the EU, and any follow up communication between CERT and the specific body in such cases.

This request extends to any information that CERT holds in relation any of the above points, including information that may have been deemed short-lived or unimportant.

Yours faithfully,

Samuel Stolton
EURACTIV Brussels
International Press Centre
Boulevard Charlemagne 1, 1041 Bruxelles

Services,

1 Attachment

Dear Mr. Stolton,

Thank you for your email.

After internal verification, CERT-EU received very limited information
regarding cyberattacks on hospitals or health authorities since the start
of the year (1st January 2020) from its peers in the EU, the national
and/or governmental CERTs of Member States.

This information was shared in the context of the CSIRTs Network,
established by the NIS Directive, for the purposes of cross-border
coordination, incident response support and collective situational
awareness. There are strict limitations, including the need to request
prior authorisation, regarding further dissemination of information
received in this cooperation forum.

Indeed, wider disclosure could highlight potential weaknesses and
vulnerabilities in these critical infrastructures, significantly
prejudicing the cyber security of Member States and potentially EU bodies
or agencies involved in the health sector.

To bring this in the context of Regulation 1049/2001, the following
exceptions apply:

*     Disclosure would undermine the protection of the public interest
as regards public security in the sense of Article 4.1, first indent;

*     It concerns third-party documents in the sense of Article 4.4, and
it is clear that the documents should not to be disclosed;

*     Article 4.5 whereby a Member State may request the institution not
to disclose a document originating from that Member State without its
prior agreement.

In light of the foregoing considerations, CERT-EU is not in a position to
share the requested information with you.

Kind regards,

The CERT-EU Team

On 07/07/2020 17:35, Samuel Stolton wrote:

Dear Computer Emergency Response Team,

Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:

- Any communication between hospitals or health authorities in the European Union and CERT, since the start of the year (January 1st 2020). This could include but is not limited to, e-mails, text messages, basis documents, memos or drafts.

- Any documentation transmitted between EU member states and CERT since the start of the year (January 1st 2020), detailing information on national cyber attacks, cyber threats, weaknesses of cybersecurity systems, across EU health bodies or hospitals.

- Any notification communicated from any public body within the EU to CERT, concerning cyberattacks to hospitals or health authorities in the EU, and any follow up communication between CERT and the specific body in such cases.

This request extends to any information that CERT holds in relation any of the above points, including information that may have been deemed short-lived or unimportant.

Yours faithfully,

Samuel Stolton
EURACTIV Brussels
International Press Centre
Boulevard Charlemagne 1, 1041 Bruxelles

-------------------------------------------------------------------

This is a request for access to information under Article 15 of the TFEU and, where applicable, Regulation 1049/2001 which has been sent via the AsktheEU.org website.

Please kindly use this email address for all replies to this request: [1][FOI #8325 email]

If [2][CERT request email] is the wrong address for information requests to Computer Emergency Response Team, please tell the AsktheEU.org team on email [3][email address]

This message and all replies from Computer Emergency Response Team will be published on the AsktheEU.org website. For more information see our dedicated page for EU public officials at [4]https://urldefense.com/v3/__https://www....

Please note that in some cases publication of requests and responses will be delayed.

-------------------------------------------------------------------

References

Visible links
1. mailto:[FOI #8325 email]
2. mailto:[CERT request email]
3. mailto:[AsktheEU.org contact email]
4. https://urldefense.com/v3/__https://www....