A shadowy Russian hacking group has threatened to shut down ventilators in UK hospitals after an alleged member of their gang was arrested in the UK.
The 23-year-old hacker was arrested Monday in Tottenham, north London, after Romanian government websites were attacked.
Now members of the sinister Russian hacking group Killnet have demanded his release and threatened to attack life-saving ventilators if their demands are not met.
It’s unclear whether Killnet is backed by the Russian government – although spy agencies of the Five Eyes alliance – comprising Australia, Canada, New Zealand, the UK and the US – have described it as a Russia-affiliated group trading in the importance of the Kremlin.
According to the suncybercrime sources have described the attack threat as credible.
The hacker, who has not been named, is an outspoken supporter of the Russian invasion of Ukraine on Facebook. He posted Russian flags and the letter Z, a symbol present on tanks used in the invasion.
Killnet’s warning, posted on Telegram’s messaging site, read: ‘If he is not released within 48 hours, I will destroy your Romania, Britain and Moldova.
“I will destroy your entire information structure and even your Ministry of Health. All fans will be attacked.
‘Appropriate response. Only then will you realize the mistake you made.’
The alleged hacker, 23 (stock photo), was arrested Monday in Tottenham, north London after Romanian government websites were attacked
A tank with the ‘Z’ symbol painted on its side. The hacker, who has not been named, is an outspoken supporter of the Russian invasion of Ukraine on Facebook. He posted Russian flags and the letter Z
It’s unclear whether Killnet is backed by the Russian government – although spy agencies of the Five Eyes alliance – comprising Australia, Canada, New Zealand, the UK and the US – have described it as a Russia-affiliated group trading in the importance of the Kremlin
The hacker is said to have been arrested by National Crime Agency agents alongside officials from Romania.
He is suspected of pushing for Killnet’s attacks on Romanian infrastructure.
The group targeted the Romanian government and the media for their support of Ukraine during the war.
The arrested hacker is said to have already been released under investigation.
A source told The Sun last night: “The UK has put in place robust cybersecurity measures and, in conjunction with partners, the NCA would provide an appropriate response to any cybercrime incident that has a significant impact on the UK.”
It comes after Western intelligence agencies warned that Russian state-backed hackers are targeting critical infrastructure — and warned that working from home increases the risk of a successful attack.
A warning has been issued by agencies of the Five Eyes alliance – comprising Australia, Canada, New Zealand, UK and US.
They said the Russian invasion of Ukraine, and the imposition of Western sanctions on Moscow, had increased the risk of “malicious cyber activity.”
The warning highlighted the activities of Russian state-backed hackers as well as cybercrime groups that have recently publicly pledged support to Vladimir Putin’s regime.
Five Eyes’ cybersecurity firms urged those working in critical infrastructure to “prepare and mitigate potential cyberthreats.”
Russia-affiliated cybercrime groups are said to have targeted critical IT systems, health services, a nuclear power plant, an airport and government networks.
In addition to Russian FSB and GRU cyber teams, the Five Eyes agencies also explained how many Russian-affiliated groups had acted in the Kremlin’s interest.
These include groups called Killnet, Mummy Spider, Salty Spider, and The Xaknet Team.
Five Eyes cybersecurity firms urge those working in critical infrastructure to ‘prepare and mitigate potential cyberthreats’
The Five Eyes agencies have warned against using remote desktops and ‘other potentially risky services’
In their advice on how to deal with Russia’s cyber threat, the agencies urged organizations to update software and enforce multi-factor authentication “to the greatest extent possible.”
They also warned against using remote desktops and “other potentially risky services.”
Remote desktops are often used for working from home and allow a user to connect to a computer in a different location.
The Five Eyes warning stated: ‘Remote Desktop Protocol (RDP) exploitation is one of the main initial infection vectors for ransomware, and high-risk services, including RDP, can allow unauthorized access to your session using an attacker in the path. .’
They suggested using POP only if deemed ‘operationally necessary’.
The warning will heighten fears that UK officials working from home are making government networks more vulnerable to attack.
The Foreign Ministry is said to have launched an urgent investigation into a suspected cyber hack on Tuesday evening after personal information about government employees appeared on Russian social media sites.
Cabinet Minister Jacob Rees-Mogg is currently leading a government campaign to get civil servants back to their desks after the Covid pandemic.
He is said to have counted a personal number of officials in an office in Whitehall this week.
Chancellor of the Duchy of Lancaster Steve Barclay, the minister responsible for cybersecurity, told the… Telegraph: ‘Cyber-attacks know no physical or geographic boundary and it has never been more important to plan and invest in cyber resilience.’