Russian-backed hackers actively targeting US health care sector, HHS warns

The Department of Health and Human Services (HHS) warned on Monday that pro-Russian hacktivist group Killnet is actively targeting the U.S. healthcare industry with distributed denial of service (DDoS) attacks.

HHS said in a notice that the group has been going after countries supporting Ukraine, including NATO members. 

“Although KillNet’s ties to official Russian government organizations such as the Russian Federal Security Service (FSB) or the Russian Foreign Intelligence Service (SVR) are unconfirmed, the group should be considered a threat to government and critical infrastructure organizations including healthcare,” HHS said. 

The department added that although the DDoS attacks do not cause major damage, “they can cause service outages lasting several hours or days.”

DDoS attacks, which are considered low-level types of cyberattacks, are typically used to disrupt and overwhelm a server with internet traffic, causing it to shut down.

HHS cited several instances where Killnet targeted organizations in the health care sector, including one last year where the department said the group hacked a U.S.-based healthcare organization that supports U.S. military members and stole a large set of user data from the company.

The health care sector has been particularly vulnerable to an increase in ransomware attacks in recent years, as it stores sensitive information, including patient data and medical research and technology.

In response to the rising cyber threats targeting the healthcare sector, lawmakers have introduced legislation and recommendations to protect the industry and mitigate the impact.

Killnet also reportedly targeted the aviation industry last year. The group claimed responsibility for launching a series of cyberattacks aimed at more than a dozen websites of major U.S. airports, including the Atlanta and Los Angeles international airports.

Killnet additionally claimed responsibility for knocking several U.S. state government websites offline, including in Colorado, Mississippi and Kentucky, a month before the 2022 midterm election.