Colorado says website restored day after Russia-linked DDoS attack

The Colorado Office of Information Technology said Thursday evening that the state government’s main website has been restored, after being knocked offline by a distributed denial-of-service attack carried out by a Russian-speaking group known as Killnet.

Colorado.gov, which was for more than 24 hours replaced by a temporary site, was one of dozens of state-government sites targeted this week by Killnet, which has gained notoriety over the past several months for its DDoS campaigns against sites based in countries that’ve supported Ukraine in its defense against Russia’s eight-month-old invasion.

The homepage was the only Colorado site that was disabled by the attack. The state’s other digital services remained operational, officials said. The full version of Colorado.gov was brought back online about 6 p.m. Mountain Time.

Sites operated by Connecticut, Kentucky and Mississippi — including the Kentucky Board of Elections — also experienced temporary outages Wednesday during an effort Killnet members referred to as “USA Offline.” Members of the group’s Telegram channel swapped posts listing dozens of state government websites and claims that the denial-of-service attacks would last 72 hours.

The Colorado IT office said in a press release that it worked with the state emergency operations center, the Statewide Internet Portal Authority — Colorado’s governance body for public-sector websites — and its vendors to repair the state’s homepage.

Over the past several months, Killnet has also claimed credit for DDoS campaigns against websites operated by the U.S. Congress, an airport in Connecticut, the governments of Norway and Lithuania and the Eurovision Song Contest, among other targets based in countries that’ve aided the Ukrainian defense.