The Department of Health and Human Services (HHS) warned on Monday that pro-Russian hacktivist group Killnet is actively targeting the U.S. healthcare industry with distributed denial of service (DDoS) attacks. A pro-Russian hacktivist group active since at least January 2022, Killnet known for its DDoS campaigns against countries supporting Ukraine, especially NATO countries since the Russia-Ukraine war broke out last year.
In a recent tweet, Cyberknow showed a image of the Killnet list of nearly 50 healthcare providers in the US on its target list. Placed alphabetically, the hospitals belonged to 50 states, including Alaska, California, Florida, Washington, West Virginia, and Wyoming.
HHS cited several instances where Killnet targeted organizations in the health care sector, including one last year where the department said the group hacked a U.S.-based healthcare organization that supports U.S. military members and stole a large set of user data from the company. The health care sector has been particularly vulnerable to an increase in ransomware attacks in recent years, as it stores sensitive information, including patient data and medical research and technology.
What You Should Do
If you are in the Healthcare or Public Health sector, be alert. Make sure systems are up-to-date and regularly patched. Be aware of suspicious emails and have appropriate security measures enables (2FA, etc.).
Want to ensure you have the proper security measures in place? Contact a member of the BMT team.