Russian Hacker Group Killnet Distributed Denial of Service Attack Stopped by US Treasury Department

The US Treasury Department last month repelled cyberattacks by a group of pro-Russian hackers, prevented disruptions and confirmed the effectiveness of the department’s stronger approach to cybersecurity of the financial system. main, a US Treasury official said on Tuesday.

The assigned treasury Distributed Denial of Service (DDoS) Todd Conklin, a cybersecurity adviser to Deputy Treasury Secretary Wally Adeyemo, said the attacks on Killnet, the Russian hacker group that claimed responsibility for disrupting the websites of several US states and airports in October .

The incident, which has not been reported before, comes days before similar attacks from Killnet on US financial services companies, Conklin told a financial services industry and regulatory conference about the incident. network security.

Killnet announced on October 11 that it had hacked JPMorgan Chase’s network infrastructure, but the bank reported no impact on its operations.

Conklin described the attack on Treasury as “a fairly low-level DDoS activity targeting Treasury critical infrastructure nodes.”

In accordance with the newly adopted procedures under Biden management, he said the Treasury was quick to share internet protocol (IP) addresses used in the attack against financial services companies.

“It confirms that we’re on the right track with the way we’re trying to really share tactical information with the region in real time with the mindset that we’re connecting with each other and dealing with potential impacts.” the same threat actors,” Conklin said, adding that the information included downgraded intelligence and detailed enemy information.

The changes stem from a shift in the Treasury Department’s cyber-threat posture after Adeyemo and Treasury Secretary Janet Yellen took office. Adeyemo created the position of cybersecurity advisor, elevating Conklin to the role of full coordinator. Conklin joins Treasury under former President Donald Trump management.

Adeyemo also told the conference that the incident was a “clear reminder” that the Treasury and financial services companies face similar threats, especially since Russia launched the war. war with Ukraine in February.

“Before and throughout this unscrupulous invasion, we remain in close contact with many of you to provide important updates, flag potential risks, and ensure we deliver.” gives you what you need to keep your systems secure,” Adeyemo told regulators – the Banking and Financial Information Infrastructure Commission (FBIIC) and the Service Area Coordinating Council. Financial Services (FSSCC) is the industry leader.

Adeyemo has called on the two groups, launched 20 years ago after the 9/11 attacks, to deepen their collaboration to advance cloud and data protection workflows and focus on systemic risk issues. new.

© Thomson Reuters 2022