The Department of Health and Human Services (HHS) warned Monday that the pro-Russian hacktivist group Killnet is actively targeting the US healthcare industry with distributed denial of service (DDoS) attacks.
In a notice, HHS said the group was targeting countries that support Ukraine, including NATO members.
“While we have not confirmed any links between KillNet and official Russian government agencies such as the Russian Federal Security Service (FSB) or the Russian Foreign Intelligence Service (SVR), the group operates on critical infrastructure, including government and medical services. It should be viewed as a threat to the structure of the organization,” HHS said. .
The ministry added that while DDoS attacks do not cause much damage, they “can cause service outages lasting hours or days.”
Considered a low-level type of cyber-attack, DDoS attacks are typically used to overwhelm servers with internet traffic and cause them to shut down.
HHS cited several examples of Killnet targeting organizations in the healthcare sector. That includes last year’s case, when the department said the group hacked a US-based healthcare organization that supports members of the US military and stole large amounts of user data from the company.
The healthcare sector has been particularly vulnerable to an increase in ransomware attacks in recent years because it stores sensitive information such as patient data, medical research and technology.
In response to an increase in cyber threats targeting the healthcare sector, lawmakers have introduced legislation and recommendations to protect the industry and mitigate its impact.
Killnet also reportedly targeted the airline industry last year. The group claimed responsibility for launching a series of cyberattacks targeting more than a dozen of his websites at major US airports, including the international airports of Atlanta and Los Angeles.
Killnet further claimed responsibility for taking several US state government websites, including those in Colorado, Mississippi and Kentucky, offline one month before the 2022 midterm elections.