Pro-Russia group Killnet targets US healthcare with DDoS attacks

The Pro-Russia group Killnet is launching a series of DDoS attacks against the websites of US healthcare organizations and hospitals.

The Pro-Russia group Killnet launched a series of DDoS attacks against US healthcare organizations and hospitals. The group announced the attacks on its Telegram channel, calling for action against the US government healthcare.

The list of targets includes:

• https://uamshealth.com
• https://www.atholhospital.org
• https://northernlighthealth.org/mercy-hospital
• https://www.ochsner.org/locations/st.-charles-parish-hospital/
• https://ukhealthcare.uky.edu/mychart#section-145206
• https://kutopeka.com
• https://www.franciscanhealth.org
• https://navicenthealth.org
• https://www.bayhealth.org
• https://www.connecticutchildrens.org
• https://www.bannerhealth.com/locations/phoenix/banner-university-medical-center-phoenix
• https://www.bchcares.org
• https://anmed.org
• http://www.cheshire-med.com/
• https://atriumhealth.org/locations/detail/atrium-health-cabarrus

At the time of this writing, many of the above websites are not reachable.

Healthcare organizations are critical infrastructure and cyber attacks represent a serious threat to them. Even if DDoS attacks are considered low-level offensives, we cannot exclude that pro-Russia groups in the future could launch more sophisticated attacks that can cause serious damage.

We have also to consider that the group could extend its current offensive to healthcare of western countries that are supporting Ukraine.

In the last week, the pro-Russia group intensified its activity. Recently the group launched a series of DDoS attacks against the websites of German airports, administration bodies, and banks. The attacks are the hacktivists’ response to the German government’s decision to send Leopard 2 tanks to Ukraine.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Killnet)