Multiple US hospital and medical websites down during ongoing cyberattack
>
Russian cyber gang Killnet brings down websites of 14 top US hospitals and universities – including Stanford and Duke
Russian hackers are claiming responsibility for a cyberattack that brought down the websites of more than a dozen US hospitals Monday morning.
Killnet, a pro-Russia group known for distributed denial of service (DDoS) attacks over the past year, says it took down the websites of 14 US hospitals. These include Stanford Healthcare, Duke University Hospital and Cedars-Sinai.
DailyMail.com found seven hospital websites were back in service by 12pm EST. It is unclear why these specific websites were targeted, but the hacking group is known for attacks in nations like the US that have opposed Russia’s invasion of Ukraine.
Previous Killnet targets include airports, banks and defense contractors in the US.
Stanford Healthcare is among the 14 hospital systems that was impacted by a Monday morning DDoS attack from a Russian hacking group
Michigan Medicine, and its associated Children’s Hospital, was impacted by the DDoS attack from the Russian hacking group Killnet
The hospitals affected by the hack are from all over the country.
It is unclear how the outage may have affected internal hospital systems or impacted patient care.
The University of Michigan told DailyMail.com no patient information was impacted by the attack.
Hospitals in the Netherlands were also reportedly impacted by a DDoS attack from Russian hacking groups this morning too.
These attacks work by attempting to overwhelm a website’s servers by flooding it with traffic.
Using a network of machines – usually infected with malware and being operated remotely – will connect to the IP address of a website simultaneously.
Hackers can overwhelm a website’s servers by connecting thousands of machines to it at once.
As a result, those hoping to visit the impacted website will be caught in the ‘traffic jam’ of users connecting and receive an error message.
KillNet targeted US banking giant JPMorgan Chase with a similar attack in October.
The bank shrugged off the attack and said it had no impact on its operations.
This seems to be the case for some affected hospitals- with some even continuing to post on social media channels during the attack without acknowledging it.
Experts have previously described Killnet’s attacks as relatively amateurish and appear primarily designed to sow fear.
‘That said, the group’s aim may not be to cause disruption, but to create FUD [fear, uncertainty and doubt] and shake peoples’ ability in the US government’s ability to protect critical infrastructure in an attempt to undermine public support for US involvement in Ukraine,’ Brett Callow, a threat analyst with cybersecurity firm Emsisoft, told DailyMail.com last year.
Websites that were included in the hack but have since been restored include Stanford Healthcare in California; Duke University Hospital in Durham, North Carolina; Cedars-Sinai Hospital in Los Angeles, California; University of Pittsburgh Medical Center, in Pennsylvania; Jefferson Health in Philadelphia, Pennsylvania; Abrazo Health in Phoenix, Arizona; and Atlanticare, from Atlantic County, New Jersey.
Those still affected as of 12pm EST include Michigan Medicine, in Ann Arbor, Michigan and its associated Mott Children’s Hospital; Huntsville Hospital in Alabama; Anaheim Regional Medical Center in California; Hollywood Presbyterian Medical Center in California; Buena Vista Regional Medical Center in Storm Lake, Iowa; and Heart of the Rockies Regional Medical Center in Salina, Colorado.
Impacted systems contacted by DailyMail.com Monday morning did not immediately respond to a request for comment.
Other entities impacted in previous attacks include Hartsfield-Jackson International Airport in Atlanta, Georgia; Lockheed Martin and government websites in Japan and Hungary.