The healthcare and public health (HPH) industry has been cautioned regarding the likelihood of cyberattacks conducted by a pro-Russian hacktivist gang called KillNet, after a new cyberattack on a U.S. healthcare group. KillNet started its operations during the time when Russia occupied Ukraine, from January to March 2022. From that time on, the hacktivist group has attacked government organizations and private industry companies in nations that are giving help to Ukraine, particularly NATO nations.
KillNet mainly performs distributed denial of service (DDoS) attacks. DDoS attacks entail sending thousands of connection requests to servers and websites using breached devices in order to decline legit users’ access to the servers and websites. When these attacks occur, they can go on for a number of hours or days and the servers/websites tend to run slowly. Long-term attacks result in outages that can go on for a few days. Typically, these attacks cause no significant problems to hardware.
Members of KillNet have made threats to attack U.S. healthcare organizations because of the U.S. policy of giving assistance to Ukraine. The group may conduct cyberattacks, data theft, and the public posting of the health information of Americans. Last December 2022, KillNet professed to be behind a cyberattack on a big U.S. healthcare company that offers medical care to U.S. military members and boasts to have stolen a huge volume of user information.
KillNet members have threatened to perform attacks on companies in other nations in case their ransom demands aren’t satisfied. For example, because a suspected member of the KillNet group was arrested in Romania in May 2022, a group member threatened to attack the British Ministry of Health and stated that the group would attack life-saving ventilators in U.K. hospitals.
The Health Sector Cybersecurity Coordination Center (HC3) states the group has the inclination to overstate, thus any statement that the group makes ought to be taken with caution. HC3 states it’s possible that some claims made by KillNet members were meant to get the public’s attention as well as that of the cybercriminals. Having said that, the group is regarded to be a threat to government authorities and critical infrastructure groups, such as companies in the HPH industry. HC3 has advised the HPH industry companies to take a number of practical measures to minimize the danger of DDoS attacks, which are explained in the KillNet Analyst Note.