A reported pro-Russian hacking group says it was behind a cyber attack that took down several Kentucky state government websites earlier this week.
Carlos Luna, general manager of Kentucky Interactive, a contractor which manages the state’s government websites, said some state websites began receiving alerts of potential DDoS (distributed denial of service) activity Wednesday.
“Our security team took action to limit the impact and restore services,” Luna said in a statement to the media. “At this time, Kentucky.gov websites hosted by Kentucky Interactive are online.”
Luna said that Kentucky Interactive confirmed Thursday the attack was initiated by “bad actors.”
Killnet, a hacker group that’s reported to align with Russia and has targeted attacks toward NATO countries since Russia’s invasion of Ukraine, claimed responsibility for the attack in a post on the social media service Telegram. Killnet said “USA offline” in the post, and claimed responsibility for website outages in 12 states.
Several Kentucky websites were down and went back up later in the week. Government websites in Florida, Alabama and Indiana, among others, went down too.
Kentucky Interactive investigated the outages, Luna confirmed. The Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency were contacted.
Killnet has reportedly acted as a group of hackers for hire in the past, according to Politico. But the group has backed Russia since the country invaded neighboring Ukraine in February, sparking a war between the two countries that is still ongoing.
It appears that most KY state government websites are down. They went down sometime this morning. Working on details. ^AH pic.twitter.com/Zb3uv08DZE
— Bluegrass Politics (@BGPolitics) October 5, 2022
Killnet has conducted hacks targeted at NATO countries since Russia’s invasion, according to CNN, but Killnet’s ties to the Russian government are unclear.
Editor’s note: This story was updated after officials clarified the spelling of Carlos Luna’s name.