News and Music Discovery
Play Live Radio
Next Up:
0:00 0:00
Available On Air Stations

Pro-Russian group claims responsibility for Kentucky government website outages

Wikimedia Commons

A pro-Russian state hacker group claimed responsibility for widespread outages of Kentucky’s government websites Wednesday.

Multiple Kentucky state websites were unavailable Wednesday, greeting users instead with a 503 error, a sign that the website cannot communicate with the server it relies on. Other states saw similar website outages, including Colorado and Mississippi.

The pro-Kremlin hacker group Killnet claimed responsibility for the outages in a Wednesday morning post on the social media platform Telegram, as previously reported by CNN

“USA OFFLINE,” the group’s Telegram post is headed, along with “F*CK NATO.” In Russian, the post lists a dozen states the group claims to have targeted, including Kentucky.

“Kentucky (breakdown of all online services),” the post reads. 

In a statement emailed late Thursday afternoon, Kentucky Interactive General Manager Carlos Luna told WFPL News the disruption was caused by a distributed denial-of-service (DDoS) attack by “bad actors.”

DDoS attacks flood a site’s server with requests, overloading the server and blocking access for legitimate users. 

“Our security team took action to limit the impact and restore services. At this time, websites hosted by Kentucky Interactive are online,” Luna’s statement reads.

Kentucky Interactive is a private company that runs the state’s online services.

Downed websites ranged from the Kentucky Board of Elections webpage to the Kentucky Department of Education website. Most were restored by the end of the day. Websites for Kentucky’s state courts were down part of Thursday as well. 

Kentucky Interactive says it contacted the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA). A source in the FBI confirmed to WFPL News the agency is investigating but was not authorized to provide comment.

Killnet has taken responsibility for other cyberattacks in several countries it perceives as hostile to Russian President Vladimir Putin, including Japan, Estonia,and Latvia. 

According to the Amsterdam-based cybersecurity firm EclecticIQ, Killnet hackers are “novice users with zero or limited experience,” and damage from Killnet attacks is usually temporary.

“Killnet possesses the resources to successfully conduct short-lived Distributed Denial of Service (DDoS) attacks but lacks the capabilities to execute attacks that impair network infrastructure for a longer period,” reads a blog post by EclecticIQ staff.

However, in the same post, authors argue that “successful DDoS attacks on government entities…would signal a change in technical capabilities.”

Kentucky Interactive spokesperson Kara Cowie said so far, the organization has “no evidence that any data has been compromised.”

Ryland Barton contributed to this report.

Jess is LPM's Education and Learning Reporter. Jess has reported on K-12 education for public radio audiences for the past five years, from the swamps of Southeast Louisiana at WWNO, New Orleans Public Radio, to the mountains of North Carolina at WUNC in Chapel Hill. Her stories have aired on national programs and podcasts, including NPR's All Things Considered, Morning Edition, and Weekend Edition, Here & Now and Reveal from the Center for Investigative Reporting. A Louisville native, Jess has her bachelor's degree from Centre College, and her masters in Journalism and Mass Communication from the University of North Carolina at Chapel Hill.
Related Content