On Saturday, the Russian hacker group Killnet threatened hospitals and health institutions in a number of Western countries – including Norway.
On Saturday, the group updated the attack list on its Telegram account. The following Norwegian hospitals are mentioned as targets:
- A house
- Innlandet Hospital
- Brought to hospital
- Ringerike Hospital
- St. Olav’s Hospital
- Skien Hospital
- Stavanger University Hospital
- Tønsberg Hospital
- Haugesund private hospital
- The University Hospital in Northern Norway
TV 2 has been in contact with Norsk Helsenett, which is responsible for running the hospitals’ websites. They state just before 2pm on Saturday that they are investigating the matter, and as of now cannot answer whether they have noticed any unusual activity.
The Killnet group is particularly known for carrying out so-called denial of service attacks (also known as DDOS attacks).
These involve sending a large number of requests to a server, which means that it does not have the capacity to respond to those who actually need to use the service. This could mean, for example, that the hospitals’ websites become unavailable.
In this way, the attacks create a lot of noise – but they rarely do any lasting damage. The aim of such attacks can therefore often be to create unrest and uncertainty.
Hospitals in both the USA and several European countries are threatened on the same list: the Netherlands, Great Britain, Finland, Spain, Portugal, Germany and Poland.
Altogether, there are more than 100 different websites worldwide.
In June 2022, the same group carried out similar attacks against a number of important Norwegian businesses.
They have also previously carried out such attacks against actors in a number of other countries, including Italy, Germany, Japan, the USA and Georgia.
In August last year, the group’s founder “Killmilk” claimed that they were behind a major attack against the American arms manufacturer Lockheed Martin, and that this was intended as revenge for the USA having sent HIMARS weapon systems to Ukraine.
Controls millions of machines
After the previous attack against Norway last summer, technology manager Erling Schackt at Check Point Software explained to TV 2 that the Killnet network controls approximately four and a half million machines on the internet – without the users themselves knowing about it.
– These are machines that are infected, where the user or owner is not aware of this. They use the machines to attack targets, such as Norwegian websites in this denial of service attack, he said at the time.
During such an attack, so many requests are sent to a service that it crashes.