By David Lawder
WASHINGTON (Reuters) – The U.S. Treasury last month repelled cyber attacks by a pro-Russian hacker group, but the incident caused little to no disruption and confirmed that the department’s stronger approach to financial system cybersecurity was working, a U.S. Treasury official said on Tuesday.
The Treasury has attributed the distributed denial of service (DDoS) attacks to Killnet, the Russian hacker group that claimed responsibility for disrupting the websites of several U.S. states and airports in October, said Todd Conklin, cybersecurity counselor to Deputy Treasury Secretary Wally Adeyemo.
The incident, not previously reported, occurred a couple of days before similar attacks from Killnet on U.S. financial services firms, Conklin told a financial services industry and regulator conference on cybersecurity.
Killnet claimed on Oct. 11 that it had attacked JPMorgan Chase & Co’s network infrastructure, but the bank reported no impact on its operations.
Conklin described the attack on the Treasury as “pretty low-level DDoS activity targeting Treasury’s critical infrastructure nodes.”
In line with new procedures adopted under the Biden administration, he said the Treasury shared internet protocol (IP) addresses used in the attack quickly.
(Reporting by David Lawder, editing by Deepa Babington)