Groningen’s University hospital (UMCG) continues to be the victim of DDoS attacks by a pro-Russia hacker group. Other Dutch hospitals have also suffered digital attacks, a spokesperson for the Dutch Computer Emergency Response Team (Z-CERT) confirms
Last Saturday, a series of DDoS attacks affected the functioning of UMCG’s public website. Most of the website’s accessibility was restored last night, although the DDoS attacks are still ongoing, the hospital stated.
“A DDoS attack is a flood of network packets in a quantity that the target system cannot handle. It is like pouring water in a funnel faster than the funnel can handle, spilling out liquid from the top, disrupting its normal function,” explains Luís V. da Silva, a cybersecurity expert.
These attacks can be done by either a unique or multiple sources and are “very easy to carry out mainly on computer systems that are not protected against it,” according to Silva.
The attacks have been attributed to Killnet, a pro-Russia group of hackers who circulated a list of hospital names from multiple countries on their Telegram channel, Edwin Feldmann from Z-CERT told The GO.
In addition to the list, which NOS confirms to include 31 Dutch hospitals, Killnet took to Telegram to clarify the motives of their choice of victims of the attacks, namely medical facilities of countries that have supported Ukraine in the ongoing war with Russia.
Similar attacks on other Dutch hospitals took place, but their exact consequences and the identity of other potential victims are still being investigated, Feldmann further confirms.
DDoS attacks on hospitals in The Netherlands are not unheard of but on such large scales they are “very unusual”, Feldman emphasizes.
As of yesterday afternoon, Z-CERT’s public page has also been a target of similar ongoing DDoS attacks, but it is not clear if Killnet is behind this, Feldmann told The GO.
The UMCG reported that impacts of DDoS attacks on their care were limited. According to Silva, “the purpose of a DDoS attack is just to disrupt the service and for the hacker groups to gain visibility or credits in the media.”
This is not the first time Killnet has carried out DDoS attacks since it was established early last year.
“It is not easy to dismantle hacker groups when they exist mainly in countries in which the EU has no cooperation in the cybersecurity domain such as Russia, China, and North Korea,” explains Silva.
The Groningen Observer contacted the UMCG for further comments on the current situation, but has yet to receive a reply.