US Treasury Fended Off Russian DDoS Attack – Report
Pro Russian hacker group was repelled when they carried out a distributed denial of service (DDoS) attack against US Treasury, says official
A United States official has revealed a cyberattack by pro Russian hacking group against a US government institution.
Reuters reported a US Treasury official as saying on Tuesday that the US Treasury last month repelled a cyberattack by a pro-Russian hacker group.
The incident apparently caused little to no disruption, and the official confirmed that the department’s stronger approach to financial system cybersecurity was working.
DDoS attack
Reuters reported that the US Treasury attributed the distributed denial of service (DDoS) attacks to Killnet, the Russian cybercrime hacking group.
This is the group that made headlines in May this year, when they threatened to shut down UK hospital ventilators, after a member of their cyber crime gang was arrested in London.
The arrested suspect was thought to have assisted Killnet’s attacks against Romanian institutions, in retribution for that country supporting Ukraine in the war with Russia.
Killnet, according to Reuters, has also claimed responsibility for disrupting the websites of several US states and airports in October.
The US Treasury incident, not previously reported, occurred a couple of days before similar attacks from Killnet on US financial services firms, Reuters quoted Todd Conklin, cybersecurity counsellor to Deputy Treasury Secretary Wally Adeyemo as saying.
Conklin reportedly made the comments when speaking at a financial services industry conference on cybersecurity.
Killnet claimed on 11 October that it had attacked JPMorgan Chase & Co’s network infrastructure, but the bank reported no impact on its operations.
Conklin described the attack on the US Treasury as “pretty low-level DDoS activity targeting Treasury’s critical infrastructure nodes.”
In line with new procedures adopted under the Biden administration, he said the Treasury shared internet protocol (IP) addresses used in the attack quickly.
Risky moves
The attack by a pro Russian hacking group on a US federal department is risky considering the state of tension between the West and Russia, over its illegal invasion of Ukraine.
In March this year, soon after Russia’s invasion, the US Treasury’s Office of Foreign Assets Control (OFAC) said it was imposing sanctions on 21 entities and 13 individuals, as part of its “crackdown on the Kremlin’s sanctions evasion networks and technology companies, which are instrumental to the Russian Federation’s war machine.”
After Russia-linked hackers conducted a number of high profile cyberattacks against US targets in recent years, President Joe Biden personally raised the cyberattack issue with Vladimir Putin in June 2021, and warned him that certain critical US infrastructure should be “off-limits” to cyberattacks.
Indeed, President Biden warned Putin of ‘retaliation’ and an ‘aggressive response’ if Russia attacks a list of 16 ‘critical’ industries in America.
Then in July 2021 President Biden underscored how serious the US is taking cyberattacks, when he admitted they could cause a ‘real shooting war’ with a ‘major power’.
Ever since 2011 the United States said it reserved the right to retaliate with military force against a cyberattack from a hostile state.