- This futuristic portable battery kept my home running during an outage, with plenty of power to spare
- The best phones for battery life in 2024: Expert tested and reviewed
- One of my favorite open-ear headphones just hit an all-time low price
- One of the loudest Bluetooth speakers I've tested is also one of the most affordable
- I tested Samsung's 98-inch 4K QLED TV, and here's why it might be worth the $13,000
KillNet Group Uses DDoS Attacks Against Azure-Based Healthcare Apps
The Russia-affiliated hacktivist group known as KillNet has been observed targeting healthcare applications hosted using the Microsoft Azure infrastructure for over three months.
The tech giant unveiled details about the new campaign in an advisory published on Friday. The Azure Network Security Team said it saw between 10 and 20 attacks in November 2022 and between 40 and 60 daily attacks in February 2023.
“We tracked attack statistics through the same time period and observed that DDoS attacks on healthcare organizations didn’t demonstrate severely high throughput,” reads the Microsoft technical write-up.
“There were several attacks hitting 5M packets per second (PPS), but [the] majority of attacks were below 2M PPS. These attacks, although not extremely high, could take down a website if not protected by a network security service.”
The tech company also observed a variety of multi-vector layer 3, layer 4 and layer 7 DDoS attacks.
Read more on DDoS attacks here: 2022: DDoS Year-in-Review
“In contrast to overall DDoS attack trends for 2022, in which TCP was the most common attack vector, 53% of the attacks on healthcare were UDP floods, and TCP accounted for 44%, reflecting a different mixture of attack patterns used by adversaries on healthcare,” reads the advisory.
In terms of targeted healthcare organizations during these attacks, Microsoft said KillNet’s main focus was on pharma and life sciences (31%), followed by hospitals (26%), healthcare insurance/health services and care (16% each). Geography-wise, most KillNet attacks came from the US, Russia or Ukraine.
“These attacks were successfully mitigated for customers enrolled in Azure DDoS Network Protection and Web Application Firewall services,” Microsoft clarified.
At the same time, the Azure Network Security Team warned that, through the use of DDoS scripts and stressors, botnets and spoofed attack sources, KillNet could easily disrupt websites and apps, if not adequately protected.
The tech giant’s advisory comes a few months after KillNet hacktivists reportedly targeted and brought down several hospital websites across the US and the Netherlands.