Contents:
According to the Dutch National Cybersecurity Center (NCSC), several hospitals from European countries supporting Ukraine have been targeted by pro-Russian threat actors, including their own UMCG hospital in Groningen.
UMCG Groningen Shutdown
The cause behind UMCG’s shutdown seems to be a DDoS attack, an operation that causes overload in a website’s servers, making it impossible to handle the incoming traffic and consequently shutting it down.
In an interview given to the Dutch website NU.nl, a spokesperson of the hospital declared that the DDoS attack is “coming in waves”.
Sometimes it stops for a while, and then it starts again. At the moment, it is quiet, but we do not know whether it will really stop now,
UMCG Spokesperson to NU.nl
The hospital said that its information system and patient portal have not been affected by the attack, as they rely on a different IT network. After being inaccessible for a few days, in a statement released on January 30, UMCG declared that its website is “largely available” after an extra line of defense was added to their servers.
Killnet Strikes Again
According to the NCSC, the group said to be behind the attacks is Killnet. Since the start of the war in Ukraine, the hacking collective Killnet has gained notoriety for launching DDoS assaults against businesses and government institutions.
Several Norwegian, British, Spanish, and U.S. hospitals are reportedly among Killnet’s targets. Last week, the threat actors announced their attacks on their Telegram channel, calling for action against the US government healthcare. In addition to DDoS attacks, the threat group is also known for engaging in phishing frauds.
Most likely formed recently, in March 2022, Killnet gained notoriety pretty quickly. The group declared that its primary targets are Ukraine supporters, including NATO countries and allies of theirs. Killnet’s strikes against vital infrastructure have been foreshadowed by Western intelligence agencies in the past.
The group is also said to be responsible for last week’s attacks on the websites of German airports, public administrations, and the financial sector. Killnet has also been linked to a DDoS attack on the European Parliament’s website in November, an action which quickly followed after the Parliament passed a resolution calling Russia a “state sponsor of terrorism”.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.
