Check against delivery

I have the honour to speak on behalf of the European Union and its Member States.

The Candidate Countries North Macedonia*, Montenegro^*, Serbia^*, Albania^*, Ukraine, the Republic of Moldova, Bosnia and Herzegovina^* and Georgia align themselves with this statement.

Mr/Mme President,

The European Union welcomes this timely discussion on ransomware attacks targeting healthcare facilities, a rapidly escalating threat with far-reaching consequences. When hospitals, laboratories, and emergency services are paralyzed by ransomware, the impact extends beyond any single nation—placing patient lives at risk, destabilizing healthcare systems, and undermining trust in essential public services. Every 11 seconds a ransomware attack takes place, a rate expected to escalate to an attack every 2 seconds by 2031. The global nature of ransomware and their potential impact on international peace and security demands that we respond collectively and decisively to prevent further harm.

To address this, the EU is taking strong action to protect critical infrastructure and essential services, including healthcare. We are boosting our defences, increasing our responses, and strengthening our international partnerships to address the rising number of ransomware.

The EU’s Network and Information Security Directive (NIS2), adopted in December 2022, sets out cybersecurity risk management and incident reporting requirements for critical sectors across the EU, and recognises health as a ‘sector of high criticality’. This ensures cybersecurity requirements for health facilities. These measures will safeguard our healthcare, secure sensitive medical data, and ensure that essential services remain operational despite cyber threats.

The European Union is committed to the cybersecurity of hospitals and healthcare providers. We recognize ransomware as a critical threat and reaffirm the urgency of this issue on the EU’s political agenda.

We have also stepped up our responses to malicious cyber activities, in particular ransomware attacks. In June 2024, the EU imposed restrictive measures on individuals linked to ransomware campaigns. In addition, in February 2024, the EU Cybercrime Centre, together with international partners, launched an operation to dismantle the LockBit ransomware group, one of the most prolific ransomware operators globally. Ransomware campaigns against essential sectors are unacceptable and we are taking action using all instruments at our disposal against those who deliberately disrupt critical services. We also strongly call upon all states, in line with the UN framework for responsible state behaviour, not to allow their territory to be used for such malign activities, and to respond to appropriate requests to mitigate such activities.

We will continue to strengthen partnerships to address ransomware threats through EU capacity building initiatives, such as supporting the development of national cybersecurity strategies and improving crisis management. The establishment of a permanent UN mechanism – the UN Cyber programme of Action – will allow us to advance our collective ability to counter threats against our societies and economies like ransomware.

The EU stands ready to continue to work with the global community as well as the private sector to protect critical infrastructure, especially healthcare, from cyber threats. Only together, through a united and coordinated global approach, can we effectively combat the escalating threat of ransomware.

* North Macedonia, Montenegro, Serbia, Albania and Bosnia and Herzegovina continue to be part of the Stabilisation and Association Process.