US Treasury repels Russian hacker attack

The US Treasury last month repelled cyber attacks by a pro-Russian hacker group, preventing disruption and confirming the effectiveness of the department's stronger approach to financial system cybersecurity, a US Treasury official said on November 1.

The Treasury has attributed the distributed denial of service (DDoS) attacks to Killnet, the Russian hacker group that claimed responsibility for disrupting the websites of several US states and airports in October, said Todd Conklin, cybersecurity counsellor to Deputy Treasury Secretary Wally Adeyemo, Reuters reports.

The incident, not previously reported, occurred a couple of days before similar attacks from Killnet on US financial services firms, Conklin told a financial services industry and regulator conference on cybersecurity.

Killnet claimed on October 11 that it had attacked JPMorgan Chase & Co's network infrastructure, but the bank reported no impact on its operations.

Conklin described the attack on the Treasury as "pretty low-level DDoS activity targeting Treasury's critical infrastructure nodes."

In line with new procedures adopted under the Biden administration, he said the Treasury quickly shared internet protocol (IP) addresses used in the attack with financial services firms.

"It confirmed that we're on the right track with how we're trying to actually share tactical information with the sector in real-time with the mind that we are interconnected and face the same threat actors," Conklin said, adding that this information includes downgraded intelligence and details on adversaries.