Skip links

US Treasury thwarts DDoS attack from Russian Killnet group

The US Treasury Department has thwarted a distributed denial of service (DDoS) attack that officials attributed to Russian hacktivist group Killnet.

These are the same pro-Kremlin miscreants that claimed responsibility for knocking more than a dozen US airports’ websites offline on October 10 in similar network-traffic flooding incidents. The large-scale DDoS attack didn’t disrupt air travel or cause any operational harm to the airports.

A day later, the same group claimed they unleashed another bot army on JPMorgan Chase, but saw similarly feeble results. 

According to Reuters, which first reported on the US Treasury incident, the Killnet DDoS flood didn’t have any operational impact on the agency and it happened a couple days before the Russians turned their attention to JPMorgan Chase. 

Todd Conklin, cybersecurity counselor to Deputy Treasury Secretary Wally Adeyemo, described the event last month as “pretty low-level DDoS activity targeting Treasury’s critical infrastructure nodes.”

Treasury officials did not immediately respond to The Register‘s request for comment.

Killnet, who?

Killnet is a relatively new — and “relatively unsophisticated” —  hack-for-hire group whose “nuisance-level DDoS attacks” don’t live up to its rhetoric, according to security researchers.

Russia’s illegal invasion of Ukraine prompted the criminal gang’s patriotic, pro-Russia shift. Despite its limited DDoS stunts, the the group is considered a threat to critical infrastructure by a multi-national joint cybersecurity advisory

Also in October, Killnet claimed responsibility for downing US state government websites in Colorado, Kentucky, Mississippi and other states. The rationale was America’s continued support for Ukraine since the Kremlin illegally invaded its neighboring country in February.

This is in addition to similar cyberattacks against government and corporate websites in Lithuania, Romania and Japan.

Back to our regularly scheduled ransomware news

The thwarted Killnet vandalization news also comes as the US Treasury released its most recent Financial Trend Analysis report on ransomware, which found US banks paid out nearly $1.2 billion in 2021 to extortionists. 

Its findings indicate that ransomware continued to pose a significant threat to US critical infrastructure, businesses, and the public, and that a substantial number of ransomware attacks appear to be connected to sources in Russia.

In fact, the total of ransomware-related incidents and their monetary value reported in Bank Secrecy Act filings during 2021 far exceeds that of other years, according to the report. The US Treasury’s Financial Crimes Enforcement Network said it received 1,489 ransomware-related filings worth nearly $1.2 billion, a 188 percent increase over the $416 million filed in 2020. ®