The Health Sector Cybersecurity Coordination Center (HC3) has warned the healthcare sector regarding the persistent threat the KillNet hacktivist group poses. KillNet emerged in 2022 and has rapidly evolved into a significant cybersecurity threat by conducting distributed denial-of-service (DDoS) attacks.
The consequences of these attacks on the healthcare sector can be severe, with service outages impacting patient care, data integrity, and communication between healthcare providers.
The Growing Threat to Healthcare:
KillNet, a pro-Russia hacktivist group, has recently focused its DDoS attacks on healthcare organizations, departing from the typical targeting strategies of activist groups. While not typically associated with extensive damage, DDoS attacks can cause prolonged disruptions and outages that directly impact essential healthcare operations.
In January 2023, KillNet and its affiliates launched a coordinated wave of DDoS attacks on over 90 healthcare organizations across the United States and several NATO countries as retaliation for their perceived support of Ukraine.
Significant Consequences for Patient Care:
The HC3 report emphasizes that the consequences of DDoS attacks on healthcare systems can be far-reaching. Interruptions in service can lead to compromised patient care, loss of patient data, and disruption of communication channels between healthcare providers.
During the most recent wave of attacks, 55 percent of the targeted healthcare systems included hospitals, some of which were Level I trauma centers. The outages from these attacks pose a significant risk to patients receiving care within these facilities.
Ongoing Threat and Targeted Sectors:
Although the frequency of KillNet’s DDoS attacks has seemingly decreased since March, HC3 anticipates further attacks in the future.
Recent incidents have included a DDoS attack on a laboratory, blood, and pharmaceutical sub-industry organization. Additionally, Microsoft reported that KillNet had been targeting healthcare applications on Azure infrastructure for the past three months, specifically focusing on pharmaceutical and life sciences firms, hospitals, health insurance providers, and health services and care organizations.
Over half of the attacks employed by KillNet in healthcare-related DDoS attacks were User Datagram Protocol (UDP) floods and the rest were primarily Transmission Control Protocol (TCP).
Mitigating DDoS Attacks in the Healthcare Sector:
HC3 emphasizes that protecting healthcare organizations from threat groups like KillNet requires a multifaceted cybersecurity approach.
One suggested solution is the implementation of Identity Management (IdM) programs, which can help healthcare employees proactively protect themselves from reconnaissance techniques used by hacktivists, including KillNet, to gather victim identity information. Healthcare organizations can better safeguard their operations and protect patient care by proactively mitigating DDoS attacks and bolstering cybersecurity measures.
The ongoing DDoS attacks orchestrated by the KillNet hacktivist group pose a significant threat to the healthcare sector. With the potential to cause service outages and disruptions, these attacks jeopardize patient care, data security, and communication among healthcare providers. Healthcare organizations must remain vigilant, implement robust cybersecurity measures, and consider proactive solutions such as Identity Management programs to mitigate the impact of DDoS attacks. Collaboration between industry stakeholders, government bodies, and cybersecurity experts is crucial to safeguarding the healthcare sector against evolving cyber threats.
Healthy Digital News
Recent News
November 07, 2023
UT Arlington’s Smart Hospital: Innovations and Advancements
The University of Texas at Arlington (UT Arlington) innovative hospital has […]
Read More
October 22, 2023
Healthcare’s 2023 Dilemma: Staffing Gaps
The healthcare sector in the US is grappling with a significant […]
Read More