UPDATED 20:51 EDT / OCTOBER 06 2022


Russian hackers take down state websites in politically motivated attack

Hackers with ties to the Russian government have claimed credit for taking down websites in three U.S. states for politically motivated purposes.

Killnet, which first emerged in January, claims to have taken down sites belonging to the states of Colorado, Kentucky and Mississippi. The web portals for all three were functioning again as of the time of writing, but Colorado’s official state web portal was reported today to be showing a message that read “homepage is currently offline” earlier in the day.

Killnet has been behind several high-profile attacks since Russia invaded Ukraine in February. In June, Killnet claimed responsibility for a distributed denial-of-service attack targeting government and private organizations in Lithuania after the country restricted the transit of steel and ferrous metals to Kaliningrad, a Russian exclave on the Baltic Sea.

The group claimed at the time that its DDoS attack would continue until Lithuania lifts the blockade, with the spokesperson saying at it had “demolished 1,652 web resources so far.” The figure was not backed up by evidence that suggested the attack was smaller in scale than claimed.

Killnet also claimed to have attacked and taken offline websites run by U.S. aerospace manufacturer Lockheed Martin Corp. in August. The group claimed that the motivation for the attack was Lockheed providing the M142 High Mobility Artillery Rocket System to Ukrainian armed forces.

Evidence of links between Killnet and the Russian government were detailed in a report by Google LLC’s Mandiant subsidiary in September. The report claimed that along with the DDoS on Lithuania, Killnet had also launched attacks against organizations in Japan, Italy, Norway and Estonia.

Killnet’s specific targeting of the board of election’s website in Kentucky has also caused some media outlets to claim attempted Russian election interference. CNN reported Wednesday that the attack is an example of digital disruption or distraction that U.S. officials are preparing for ahead of the November midterm elections but then quotes an expert saying that the Killnet attack did not specifically target election infrastructure.

“The [hacking] campaign does not appear to specifically target U.S. elections infrastructure, though election-related websites can be indirectly or directly impacted through the broader operation,” the Elections Infrastructure Information Sharing & Analysis Center, a nonprofit-backed threat-sharing center, told CNN.

Erich Kron, security awareness advocate at security awareness training company KnowBe4 Inc., told SiliconANGLE that “hacktivists,” such as those that appear to be behind the attack, can now reach further and make bigger statements that are more publicly visible now.

“In the case of these state government websites, the disruption of service, while inconvenient, is far less of a problem than a data breach involving the theft of personally identifiable information,” Kron added. “Whether it’s the defacement of websites, or taking them offline with attacks such as DDoS attacks, it does erode public trust in the organizations that these websites represent.”

Photo: Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy