Pro-Russia Killnet group hit Dutch and European hospitals

The Dutch National Cyber Security Centre (NCSC) confirmed that Pro-Russia group Killnet hit websites of national and European hospitals.

The Dutch National Cyber Security Centre (NCSC) reported that the websites of several hospital in the Netherlands and Europe were hit by DDoS attacks carried out by pro-Russia hacking group Killnet.

The group of hackers launched the offensive against the hospitals in the European countries due to their support for Ukraine.

“Hospitals in Europe, including in the Netherlands, have in all likelihood been targeted by the pro-Russian hacker group Killnet,” the NCSC said.

Early this week, experts from Z-CERT, the computer emergency response team for the Dutch healthcare sector blamed the Killnet group for the cyber attacks that hit the University Medical Center Groningen (UMCG) on Saturday.

“The UMCG is facing a DDoS attack, in which a system is flooded with a vast amount of visitors at the same time. The impact isn’t terrible at this stage, said the spokesperson. A spokeswoman for the UMCG also said that patient care could continue as usual.” reported the NLTimes. “Only the UMCG website is down. According to the hospital, the website with the medical records of UMCG patients has not been compromised. Patients can still view their medical history, operations, medicines, and appointments.”

The Pro-Russia group of hackers targeted 31 Dutch hospitals.

“Currently the DDoS attacks are successfully mitigated and the impact of the attacks is limited,” the NCSC added.

The hackers also targeted hospitals in the UK, Germany, Poland, Scandinavia and the United States. Last week, the group announced the attacks on its Telegram channel, calling for action against the US government healthcare.

Healthcare organizations are critical infrastructure and cyber attacks represent a serious threat to them. Even if DDoS attacks are considered low-level offensives, we cannot exclude that pro-Russia groups in the future could launch more sophisticated attacks that can cause serious damage.

Last week the pro-Russia group intensified its activity. The group launched a series of DDoS attacks against the websites of German airports, administration bodies, and banks. The attacks are the hacktivists’ response to the German government’s decision to send Leopard 2 tanks to Ukraine.

In November, Killnet claimed responsibility for the DDoS attack that today took down the website of the European Parliament website.

The attack was launched immediately after lawmakers approved a resolution calling Moscow a “state sponsor of terrorism“.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, DDoS)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.