therecord.media Open in urlscan Pro
2606:4700::6812:1c78  Public Scan

Form analysis
4 forms found in the DOM

GET https://therecord.media/

<form role="search" method="get" class="search-form" action="https://therecord.media/">
  <input type="text" placeholder="Search" value="" name="s">
  <input type="submit" value="go">
</form>

<form class="search-form">
  <a href="#">
<i class="fas fa-search search-icon"></i>
<i class="fas fa-times close-icon"></i>
</a>
</form>

GET https://therecord.media/

<form role="search" method="get" class="search-form" action="https://therecord.media/">
  <input type="text" placeholder="Search" value="" name="s">
  <input type="submit" value="go">
</form>

POST

<form action="" method="post" class="newsletterForm">
  <input type="email" name="email" placeholder="your e-mail address">
  <input type="hidden" name="newSubscription" value="1">
  <input type="submit" value="go">
</form>

Text Content

This website stores cookies on your computer. These cookies are used to improve
your website experience and provide more personalized services to you, both on
this website and through other media. To find out more about the cookies we use,
see our Privacy Policy.

Accept
Manage consent
We use cookies to optimize our website and our service. Cookie Policy

Functional

Marketing
Accept allDismissPreferences
 * Leadership
 * Cybercrime
 * Nation-state
 * Government
 * People
 * Technology

 * About
 * Contact
 * Click Here Podcast

 * 




SUBSCRIBE TO THE RECORD



Jonathan Greig January 31, 2023


PRO-RUSSIAN DDOS ATTACKS RAISE ALARM IN DENMARK, U.S.

Briefs
Cybercrime
Government
 * 
 * 
 * 
 * 
 * 

Jonathan Greig

January 31, 2023

 * Briefs
 * Cybercrime
 * Government

 * 
 * 
 * 
 * 
 * 


PRO-RUSSIAN DDOS ATTACKS RAISE ALARM IN DENMARK, U.S.

Distributed denial-of-service (DDoS) attacks by pro-Russian hacking groups are
causing alarm in the U.S. and Denmark after several incidents affected websites
of hospitals and government offices in both countries. 

On Tuesday, Denmark announced that it was raising its cyber risk alert level
after weeks of attacks on banks and the country’s defense ministry. 

“We are again raising the threat level for cyber risk against Denmark, among
other things on the basis of pro-Russian activist hacker groups’ high level of
activity against NATO countries, including Denmark, as well as their increased
capacity,” Denmark’s Centre for Cyber Security said on Twitter.

The center said the DDoS incidents — which involve routing a deluge of page
requests at target websites — are increasing in power and severity while also
growing in overall numbers. 



Following the announcement, the website for the country’s Centre for Cyber
Security was knocked offline, and an alert explaining the decision was also
unavailable. 

Since Russia began its invasion of Ukraine 11 months ago, hacking groups like
Killnet and NoName057 have targeted an array of government institutions,
businesses and organizations across Europe and the United States. 

On Monday, Killnet directed DDoS traffic against the websites of dozens of U.S.
hospitals, forcing the the U.S. Department of Health and Human Services to
publish an alert warning healthcare institutions about the group’s tactics. 

“It is likely that pro-Russian ransomware groups or operators, such as those
from the defunct Conti group, will heed Killnet’s call and provide support. This
likely will result in entities Killnet targeted also being hit with ransomware
or DDoS attacks as a means of extortion, a tactic several ransomware groups have
used,” HHS warned. 

Swimlane’s Daniel Selig noted that the DDoS incidents took place days after U.S.
President Joe Biden announced that the U.S. would be sending 31 Abrams tanks to
Ukrainian forces. 

Selig added that last week, several financial organizations, airports and
government offices in Germany were targeted in a similar way after their
announcement of additional military support for Ukraine. 

“It goes without saying that cyberattacks on hospitals and medical centers are
some of the most dangerous — these attacks have the ability to knock systems
offline in their entirety and keep patients from receiving the care that they
require,” he said.

While DDoS attacks typically do not cause major or lasting damage, they can
cause service outages that span several hours or even days.

Akamai published a report on Tuesday that found DDoS incidents in Europe
increased 73% in 2022, with more campaigns now involving extortion tactics. They
warned that DDoS attacks are now increasingly being used as cover for actual
intrusions involving ransomware and data theft. 

Aleksandr Yampolskiy, CEO of SecurityScorecard, noted that groups like Killnet
run popular channels on the Telegram app where they recruit new members and
teach other hackers DDoS skills. Killnet’s channel has more than 92,000
subscribers.

Groups like Killnet are able to muster so much DDoS traffic in part because they
exploit vulnerable devices online. Yampolskiy said Killnet typically target
routers from MikroTek that are either misconfigured or vulnerable, and the group
also takes advantage of the proliferation of IoT devices across the
world. Everything from internet-connected baby cameras to smart refrigerators
can be a potential target.

In December, the Justice Department announced the seizure of 48 domains used by
the leading DDoS-for-hire services — websites that allow users to pay hackers to
flood targets with page requests. But HHS said it is unclear if “this law
enforcement action might impact Killnet which turned its DDoS-for-hire service
into a hacktivist operation earlier this year.”

 * 
 * 
 * 
 * 
 * 

Tags
 * DDoS
 * DDoS attack
 * Denmark
 * Europe
 * Russia
 * Ukraine

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has
worked across the globe as a journalist since 2014. Before moving back to New
York City, he worked for news outlets in South Africa, Jordan and Cambodia. He
previously covered cybersecurity at ZDNet and TechRepublic.

Previous article Next article
Report: Developers are most in demand on dark web
LockBit takes credit for November ransomware attack on Sacramento PBS station


BRIEFS

 * CISA adds Oracle, SugarCRM bugs to exploited vulnerabilities list February 3,
   2023
 * Zero day affecting Fortra’s GoAnywhere file transfer tool is actively being
   exploited February 3, 2023
 * New York attorney general fines developer of stalking apps February 3, 2023
 * Tallahassee hospital diverting patients, canceling non-emergency surgeries
   after cyberattack February 3, 2023
 * Julius ‘zeekill’ Kivimäki, former Lizard Squad hacker, arrested in France
   February 3, 2023
 * Russia-linked hacking against national labs spurs inquiry from two House
   chairmen February 3, 2023
 * Switzerland’s largest university confirms ‘serious cyberattack’ February 3,
   2023
 * Feds get guilty plea in Ubiquiti data extortion case February 2, 2023


RANSOMWARE TRACKER: THE LATEST FIGURES [JANUARY 2023]



Ransomware tracker: the latest figures [January 2023]






2022 ADVERSARY INFRASTRUCTURE REPORT



2022 Adversary Infrastructure Report












SEASON OF GIVING, SEASON OF TAKING: HEIGHTENED FRAUD DURING HOLIDAY SHOPPING



Season of Giving, Season of Taking: Heightened Fraud During Holiday Shopping












H1 2022: MALWARE AND VULNERABILITY TRENDS REPORT



H1 2022: Malware and Vulnerability Trends Report








RUSSIAN INFORMATION OPERATIONS AIM TO DIVIDE THE WESTERN COALITION ON UKRAINE



Insikt Group: Russian Information Operations








VULNERABILITY SPOTLIGHT: DIRTY PIPE



Insikt Group: Dirty Pipe








GLOSSARY

Threat Intelligence

Threat Intelligence Feeds

Threat Intelligence Platform

Payment Fraud Intelligence

 * 
 * 
 * 
 * 
 * 

 * Privacy Policy

© Copyright 2023 | The Record from Recorded Future News