UN Security Council discusses cyberattacks on healthcare systems

NEW YORK, UNITED STATES — The United Nations Security Council recently convened to address the growing threat of cyberattacks targeting healthcare infrastructure worldwide.
The meeting was prompted by a sharp rise in ransomware attacks, which have disrupted health services and endangered patient safety globally. Several member states, including France, Japan, Malta, the Republic of Korea, Slovenia, the United Kingdom, and the United States, led the session.
WHO chief warns of severe consequences
Dr. Tedros Adhanom Ghebreyesus, Director-General of the World Health Organization (WHO), presented a stark warning to the Security Council about the life-threatening consequences of cyberattacks on healthcare systems. He emphasized that these attacks are not merely data breaches but can result in patient harm or death.
“Ransomware and other cyberattacks on hospitals are not just issues of security and confidentiality; they can be issues of life and death,” Dr. Tedros stated.
He cited examples such as the 2020 attack on Brno University Hospital in Czechia and a 2021 breach of Ireland’s Health Service Executive (HSE), both of which severely disrupted essential medical services.
Let’s be clear #ransomware and other #cyberattacks on hospitals and health facilities are not just issues of security and confidentiality – “they can be issues of life and death”
– @WHO Director-General Tedros Adhanom Ghebreyesus, @DrTedros, briefing the #SecurityCouncil pic.twitter.com/4FoOmXFoHH— UN News (@UN_News_Centre) November 8, 2024
Ascension Healthcare details ransomware attack
Eduardo Conrado, President of U.S.-based Ascension Healthcare, shared his organization’s experience with a ransomware attack in May 2024. The cyberattack crippled operations across Ascension’s 120 hospitals for 37 days, making electronic health records inaccessible and disrupting critical diagnostic services such as MRIs and CT scans.
“Nurses were unable to look up patient records from their computer stations and were forced to comb through paper back-ups,” Conrado explained. The attack cost Ascension approximately $130 million in response efforts and led to an estimated $900 million loss in operating revenue.
Calls for international cooperation on cybersecurity
The Security Council meeting underscored the urgent need for international cooperation to combat these cyber threats. Dr. Tedros urged nations to invest not only in advanced technologies but also in training healthcare staff to respond effectively to cyber incidents.
“Humans are both the weakest and strongest links in cybersecurity,” he said, stressing that international collaboration is essential to address this growing crisis.
Anne Neuberger, the U.S. coordinator for national security policy on cyber threats, echoed this sentiment, warning that ransomware attacks will continue as long as ransoms are paid and criminals evade capture by crossing borders.
WHO plans new cybersecurity guidelines
Looking ahead, the WHO announced plans to release new cybersecurity guidelines in 2025 aimed at strengthening healthcare systems’ defenses against future attacks.
Dr. Tedros called on the Security Council to use its mandate to enhance global cybersecurity measures and ensure accountability for perpetrators.
As cyberattacks become more frequent and sophisticated, global leaders agree that healthcare systems can be adequately protected from these growing threats only through collective international action.