Pro-Russian hackers Killnet behind Groningen hospital cyberattack

The pro-Russian hacker group Killnet is behind a cyber attack targeting the University Medical Center Groningen (UMCG) since Saturday, specialists from Z-CERT, the body that assists the healthcare sector with cybersecurity, believe.

Killnet has announced attacks on countries that help Ukraine in the war against Russia. That includes the Netherlands. The hacker group has targeted several hospitals. Other Dutch hospitals may also be affected by cyber attacks, but it is not yet clear whether that is the case, a Z-CERT spokesperson said.

The UMCG is facing a DDoS attack, in which a system is flooded with a vast amount of visitors at the same time. The impact isn’t terrible at this stage, said the spokesperson. A spokeswoman for the UMCG also said that patient care could continue as usual.

Only the UMCG website is down. According to the hospital, the website with the medical records of UMCG patients has not been compromised. Patients can still view their medical history, operations, medicines, and appointments.

According to the UMCG, the DDoS attack is coming and going in waves. “Sometimes it stops for a while, and then it starts again. At the moment, it is quiet, but we don’t know whether it will really stop this time,” said the spokeswoman.

Killnet is a hacker group that has been carrying out DDoS attacks against government agencies and companies since the war in Ukraine started. Several British, Spanish, and Norwegian hospitals were also allegedly targeted by Killnet. Last week, the British National Cyber Security Center again warned against targeted attacks from Iran or Russia. These mainly concern phishing attacks, in which cyber criminals try to steal sensitive information.