Hackers with ties to the Russian government have claimed credit for taking down websites in three U.S. states for politically motivated purposes.
Killnet, which first emerged in January, claims to have taken down sites belonging to the states of Colorado, Kentucky and Mississippi. The web portals for all three were functioning again as of the time of writing, but Colorado’s official state web portal was reported to be showing a message that read “homepage is currently offline” earlier in the day.
Killnet has been behind several high-profile attacks since Russia invaded Ukraine in February. In June, Killnet claimed responsibility for a distributed denial-of-service attack targeting government and private organizations in Lithuania after the country restricted the transit of steel and ferrous metals to Kaliningrad, a Russian exclave on the Baltic Sea.
The group claimed at the time that their DDoS attack would continue until Lithuania lifts the blockade, with the spokesperson saying at they had “demolished 1,652 web resources so far.” The figure was not backed up by evidence that suggested the attack was smaller in scale than claimed.
Killnet also claimed to have attacked and taken offline websites run by U.S. aerospace manufacturer Lockheed Martin Corp. in August. The group claimed that the motivation for the attack was due to Lockheed providing the M142 High Mobility Artillery Rocket System to Ukrainian armed forces.
Evidence of links between Killnet and the Russian government were detailed report by Google LLC’s Mandiant subsidiary in September. The report claimed that along with the DDoS on Lithuania, Killnet had also launched attacks against organizations in Japan, Italy, Norway and Estonia.
Killnet’s specific targeting of the board of election’s website in Kentucky has also caused some media outlets to claim attempted Russian election interference. CNN reports that the attack is an example of digital disruption or distraction that U.S. officials are preparing for ahead of the November midterm elections but then quotes an expert saying that the Killnet attack did not specifically target election infrastructure.
“The [hacking] campaign does not appear to specifically target U.S. elections infrastructure, though election-related websites can be indirectly or directly impacted through the broader operation,” the Elections Infrastructure Information Sharing & Analysis Center, a nonprofit-backed threat-sharing center, told CNN.
Commenting on the news, Erich Kron, security awareness advocate at security awareness training company KnowBe4 Inc., told SiliconANGLE that “hacktivists, such as those that appear to be behind this, can now reach further and make bigger statements which are more publicly visible, than ever before.”
“In the case of these state government websites, the disruption of service, while inconvenient, is far less of a problem than a data breach involving the theft of personally identifiable information,” Kron added. “Whether it’s the defacement of websites, or taking them offline with attacks such as DDoS attacks, it does erode public trust in the organizations that these websites represent.”
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.