The increase in DDoS attacks on healthcare organizations in the US in the last 48 hours by the pro-Russian hacktivist group Killnet has become a serious concern. These attacks are designed to overload a network or system with traffic, making it difficult or impossible for users to access essential patient services. This can have a devastating impact on the healthcare sector, as medical professionals rely on access to patient data and systems to diagnose and treat patients effectively.
Stats from the Imperva threat research team (Feb 2, 2023)
9500 – IPs attacking multiple sites on the Killnet list targeting healthcare systems
66% – The percentage of attacks using proxy servers
33% – The percentage of attacks disguising themselves as search engines
Node.js – Most common runtime framework used in attacks
The latest attacks are a continuation
These recent attacks add to the activity of the past few weeks, with reports of several high-profile DDoS attacks by Killnet targeting organizations around the world and disrupting services ranging from local government to financial services and the transport industry. On top of the significant financial losses, the attacks prevented end users from accessing their usual healthcare services. In EU countries, providers and local governments were the primary targets, with impacted countries including Germany, Lithuania, Estonia, the Netherlands, Poland, and Norway. Killnet officially claimed responsibility for the attacks in response to NATO countries’ support for Ukraine against the Russian campaign of aggression.
Healthcare organizations are always a top target for hackers and cybercriminals due to the sensitive nature of their data and the critical care they provide. In the past 48 hours, healthcare organizations in the US have also been impacted by these attacks, including sites of world-famous medical establishments such as Jefferson University Hospital in Philadelphia, University of Pittsburgh Medical Center (UPMC), and Duke University Hospital in North Carolina.
What you need to do to keep your patients safe
To mitigate the risk of such attacks, healthcare organizations need robust security measures, including web application firewalls, content delivery networks with load balancing, and DDoS filtering capabilities. Regular software and hardware updates are also highly important, so that systems are protected against known vulnerabilities, malware, and other threats.
In the event of a DDoS attack, healthcare organizations should have a well-established incident response plan in place, including a crisis communication plan to inform patients and staff of the situation. Organizations should also have a business continuity plan that includes backup systems and processes, so that essential services are not disrupted and patient data is not lost or compromised when a denial of service attack is used as a distraction.
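The statistics above note that a third of the attacks disguise themselves as search engines. One common way to test such a claim is forward-confirmed reverse DNS, sketched here as an added example (not Imperva's code); the function names are hypothetical, and the log lines, IPs and DNS answers are constructed.

```python
import re
import socket

# Reverse-DNS suffixes the crawler operators document for their bots.
CRAWLER_DOMAINS = {"googlebot": (".googlebot.com", ".google.com"),
                   "bingbot": (".search.msn.com",)}
LOG_RE = re.compile(r'^(?P<ip>\S+) .*"(?P<ua>[^"]*)"$')  # combined log format

def system_reverse(ip):
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(host):
    try:
        return socket.gethostbyname_ex(host)[2]  # IPv4 addresses only
    except OSError:
        return []

def is_genuine(ip, crawler, reverse=system_reverse, forward=system_forward):
    """PTR must sit in the operator's domain AND resolve back to the same IP."""
    host = (reverse(ip) or "").lower().rstrip(".")
    return host.endswith(CRAWLER_DOMAINS[crawler]) and ip in forward(host)

def fake_crawlers(lines, reverse=system_reverse, forward=system_forward):
    """Return IPs whose User-Agent claims a crawler but fail verification."""
    verdicts = {}  # cache: one DNS check per (ip, crawler), not per request
    for line in lines:
        m = LOG_RE.match(line.strip())
        ua = m["ua"].lower() if m else ""
        crawler = next((c for c in CRAWLER_DOMAINS if c in ua), None)
        if crawler and (m["ip"], crawler) not in verdicts:
            verdicts[m["ip"], crawler] = is_genuine(m["ip"], crawler, reverse, forward)
    return sorted({ip for (ip, _), ok in verdicts.items() if not ok})

# Constructed sample data (documentation IP ranges, made-up DNS answers).
GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
SAMPLE_LOG = [f'{ip} - - [02/Feb/2023:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "{ua}"'
              for ip, ua in [("192.0.2.10", GOOGLEBOT_UA), ("198.51.100.7", GOOGLEBOT_UA),
                             ("198.51.100.9", GOOGLEBOT_UA), ("203.0.113.5", GOOGLEBOT_UA),
                             ("203.0.113.80", "Mozilla/5.0 (X11; Linux x86_64)")]]
SAMPLE_PTR = {"192.0.2.10": "crawl-192-0-2-10.googlebot.com",
              "198.51.100.7": "crawl.googlebot.com.attacker.example",  # look-alike
              "198.51.100.9": "crawl-1.googlebot.com"}  # spoofed PTR, no forward match
SAMPLE_A = {"crawl-192-0-2-10.googlebot.com": ["192.0.2.10"],
            "crawl-1.googlebot.com": ["192.0.2.99"]}
if __name__ == "__main__":
    print(fake_crawlers(SAMPLE_LOG, SAMPLE_PTR.get, lambda h: SAMPLE_A.get(h, [])))
```

Called without the last two arguments, `fake_crawlers` uses the system resolver; the returned IPs are candidates for blocking or rate limiting at the WAF or DDoS filter.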
The healthcare sector is a critical component of the US infrastructure and healthcare organizations must take the necessary steps to protect their networks and systems from cyber-attacks. By implementing strong security measures and having a well-prepared incident response plan in place, organizations can minimize the risk of a DDoS attack and ensure that essential services are not disrupted.
Learn more
Want to learn more about the growing threat of DDoS attacks within healthcare? Contact Imperva and receive a free security review and assessment of your architecture. Our team of experts will help to identify if you’re at risk and what steps you can take to mitigate that risk.