Home North London Sinister Russian hacking group threatens to shut down hospital ventilators in Britain

Sinister Russian hacking group threatens to shut down hospital ventilators in Britain

10

A shadowy Russian hacking group has threatened to shut down ventilators at British hospitals after an alleged member of their gang was arrested in the UK. 

The hacker, 23, was arrested in Tottenham, north London on Monday after Romanian government websites were attacked. 

Now, members of the sinister Killnet Russian hacking group have demanded his release and threatened to target life-saving ventilators if their demands aren’t met. 

It is unclear if Killnet are supported by the Russian government – though spy agencies from the Five Eyes alliance – made up of Australia, Canada, New Zealand, the UK and US – have described it as a Russian-aligned group acting in the Kremlin’s interests.

According to the Sun, cyber crime sources have described the attack threat as being credible.  

The hacker, who has not been named, is a vocal supporter of Russia’s invasion of Ukraine on Facebook. He has posted Russian flags and the letter Z, a symbol present on tanks used in the invasion. 

The warning from Killnet, posted on the Telegram messaging site, said: ‘If he is not released within 48 hours I will destroy your Romania, Great Britain and Moldova.

‘I will destroy your entire information structure and even your Ministry of Health. All ventilators will be attacked.

‘Appropriate response. Only then will you begin to realise the mistake you have made.’

The alleged hacker, 23 (stock pic), was arrested in Tottenham, north London on Monday after Romanian government websites were attacked

A tank with the symbol 'Z' painted on its side. The hacker, who has not been named, is a vocal supporter of Russia's invasion of Ukraine on Facebook. He has posted Russian flags and the letter Z

A tank with the symbol ‘Z’ painted on its side. The hacker, who has not been named, is a vocal supporter of Russia’s invasion of Ukraine on Facebook. He has posted Russian flags and the letter Z

It is unclear if Killnet are supported by the Russian government - though spy agencies from the Five Eyes alliance - made up of Australia, Canada, New Zealand, the UK and US - have described it as a Russian-aligned group acting in the Kremlin's interests

It is unclear if Killnet are supported by the Russian government – though spy agencies from the Five Eyes alliance – made up of Australia, Canada, New Zealand, the UK and US – have described it as a Russian-aligned group acting in the Kremlin’s interests

The hacker is said to have been arrested by National Crime Agency officers alongside officials from Romania. 

He is under suspicion of insisting Killnet’s attacks on Romanian infrastructure. 

The group targeted the Romanian government and media over their support for Ukraine amid the war. 

The arrested hacker is believed to have already been released under investigation.

A source told The Sun last night: ‘The UK has robust cyber security measures in place and, working with partners, the NCA would lead an appropriate response to any cyber crime incident having a significant impact on the UK.’

It comes after Western intelligence agencies warned Russian state-sponsored hackers are targeting critical infrastructure – and cautioned that working from home increases the risk of a successful attack.

An alert was issued by agencies from the Five Eyes alliance – made up of Australia, Canada, New Zealand, the UK and US.

They said that Russia’s invasion of Ukraine, and the imposition of Western sanctions on Moscow, had increased the risk of ‘malicious cyber activity’.

The warning highlighted the activities of Russia state-sponsored hackers and also cybercrime groups that have recently publicly pledged support to Vladimir Putin’s regime.

The Five Eyes cybersecurity agencies urged those working in critical infrastructure to ‘prepare for and mitigate potential cyber threats’.

Russian-linked cybercrime groups were said to have targeted critical IT systems, health services, a nuclear power plant, an airport, and government networks.

As well as Russian FSB and GRU cyber teams, the Five Eyes agencies also explained how many Russian-aligned groups had been acting in the Kremlin’s interests.

These include groups named as Killnet, Mummy Spider, Salty Spider and The Xaknet Team.

The Five Eyes cybersecurity agencies urged those working in critical infrastructure to 'prepare for and mitigate potential cyber threats'

The Five Eyes cybersecurity agencies urged those working in critical infrastructure to ‘prepare for and mitigate potential cyber threats’

The Five Eyes agencies issued a warning about the use of remote desktops and 'other potentially risky services'

The Five Eyes agencies issued a warning about the use of remote desktops and ‘other potentially risky services’

In their advice on how to mitigate against the Russian cyber threat, the agencies urged organisations to update software and enforce multi-factor authentication ‘to the greatest extent possible’.

They also issued a warning about the use of remote desktops and ‘other potentially risky services’.

Remote dekstops are commonly used for working from home and allows a user to connect to a computer in another location.

The Five Eyes alert stated: ‘RDP (Remote Desktop Protocol) exploitation is one of the top initial infection vectors for ransomware, and risky services, including RDP, can allow unauthorized access to your session using an on-path attacker.’

They suggested that RDP only be used if deemed ‘operationally necessary’.

The warning will increase fears that UK civil servants working from home could leave Government networks more vulnerable to an attack.

The Foreign Office was reported to have begun an urgent investigation on Tuesday night into a suspected cyber hack after personal information about Government employees appeared on Russian social media sites. 

Cabinet minister Jacob Rees-Mogg is currently leading a government drive get civil servants back to their desks after the Covid pandemic.

He was this week claimed to have conducted a personal headcount of officials in one Whitehall office.

Chancellor of the Duchy of Lancaster Steve Barclay, the minister responsible for cyber security, told the Telegraph: ‘Cyber attacks recognise no physical or geographical boundary and it has never been more important to plan and invest in cyber resilience.’

https://www.dailymail.co.uk/news/article-10787595/Sinister-Russian-hacking-group-threatens-shut-hospital-ventilators-Britain.html