Killnet's DDoS Streak

Category: Threat Actor Activity | Industry: Critical Infrastructure, Government, Telecommunications | Level: Strategic | Source: Trustwave

Distributed denial-of-service (DDoS) has been the cyber weapon of choice for the pro-Russian threat group, Killnet, who continue to elevate their attacks as the war between Russia and Ukraine rages on. Reflecting/bolstering their recent exploits, in Killnet's Telegram channel, the threat actors have claimed to attack Starlink, the website for the United States White House and government websites for the United Kingdom. The claims are substantiated by researchers from Trustwave. Killnet's attack against Starlink on November 18th, 202, is supported by users on Reddit voicing concerns about their inability to access Starlink accounts with users citing connection failure messages. Outages for Starlink are concerning as Ukrainian forces have relied on technology for communication during the Russian invasion. On November 17th, Killnet's Telegram post celebrated a 30-minute-long attack against the United States White House website "whitehouse[.]gov" with screenshot of the site's 429 error message for "Too Many Requests" during the outage period. Lastly, on November 22nd, Killnet celebrated an attack against the United Kingdom's Prince of Wales website. With the United Kingdom supporting Ukraine, Killnet threat actors have called out attacks against industries in finance, military, healthcare, and other United Kingdom government sites in future attacks.

‍