Pierluigi Paganini February 01, 2023

The Dutch National Cyber Security Centre (NCSC) confirmed that Pro-Russia group Killnet hit websites of national and European hospitals.

The Dutch National Cyber Security Centre (NCSC) reported that the websites of several hospital in the Netherlands and Europe were hit by DDoS attacks carried out by pro-Russia hacking group Killnet.

The group of hackers launched the offensive against the hospitals in the European countries due to their support for Ukraine.

“Hospitals in Europe, including in the Netherlands, have in all likelihood been targeted by the pro-Russian hacker group Killnet,” the NCSC said.

Early this week, experts from Z-CERT, the computer emergency response team for the Dutch healthcare sector blamed the Killnet group for the cyber attacks that hit the University Medical Center Groningen (UMCG) on Saturday.

“The UMCG is facing a DDoS attack, in which a system is flooded with a vast amount of visitors at the same time. The impact isn’t terrible at this stage, said the spokesperson. A spokeswoman for the UMCG also said that patient care could continue as usual.” reported the NLTimes. “Only the UMCG website is down. According to the hospital, the website with the medical records of UMCG patients has not been compromised. Patients can still view their medical history, operations, medicines, and appointments.”

The Pro-Russia group of hackers targeted 31 Dutch hospitals.

“Currently the DDoS attacks are successfully mitigated and the impact of the attacks is limited,” the NCSC added.

The hackers also targeted hospitals in the UK, Germany, Poland, Scandinavia and the United States. Last week, the group announced the attacks on its Telegram channel, calling for action against the US government healthcare.

Healthcare organizations are critical infrastructure and cyber attacks represent a serious threat to them. Even if DDoS attacks are considered low-level offensives, we cannot exclude that pro-Russia groups in the future could launch more sophisticated attacks that can cause serious damage.

Last week the pro-Russia group intensified its activity. The group launched a series of DDoS attacks against the websites of German airports, administration bodies, and banks. The attacks are the hacktivists’ response to the German government’s decision to send Leopard 2 tanks to Ukraine.

In November, Killnet claimed responsibility for the DDoS attack that today took down the website of the European Parliament website.

The attack was launched immediately after lawmakers approved a resolution calling Moscow a “state sponsor of terrorism“.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, DDoS)