The newly active hacker group Anonymous Sudan took credit for DDoS attacks, writing on its Telegraph site that the attacks were carried out in retaliation for activists who had burned the Quran in Denmark over the past week. 

“Some hospitals in Denmark have been attacked due to Quran burnings, and more will be attacked in the hours to come,” the post on the group’s Telegram site read. 

Although the group claims to be based in Sudan, the Swedish cyber security firm TrueSec claimed in a report last week that it is almost certainly a Russian hacker group, linked to the Russian government. It cited as evidence the fact that the group’s Telegram account is operated from Russia, that its posts are in Russian or English, and that its messages are amplified by accounts in the Russian hacker sphere. 

Anonymous Sudan earlier this month claimed responsibility for attacks on several websites in Sweden, including the national broadcaster SVT and the Swedish health service.

The sites taken down on Sunday included: regionh.dk, amagerhospital.dk, bispebjerhospital.dk, bornholmshospital.dk, frederiksberghospital.dk, gentoftehospital.dk, rigshospitalet.dk, herlevhospital.dk, and hvidovrehospital.dk.

In a post on Twitter, Copenhagen’s health authority pointed users to an emergency page on Regionh.dk where all essential phone numbers were collected, and stressed that although the health authority’s website was down, all other hospital infrastructure was working as normal. 

Region H og hospitalernes hjemmesider er nede. På nødsiden på https://t.co/rEY3ZNWAcD kan man finde alle relevante telefonnumre til hospitalerne. Vi arbejder på, at få hjemmesiderne op og køre igen. Resten af vores digitale infrastruktur er ikke påvirket af hændelsen. #dkmedier

— Region Hovedstaden (@RegionH) February 26, 2023

The hospital and health authority’s websites later returned to normal operation, it said in a follow-up tweet.

READ ALSO: IT breach at airline SAS gives passengers access to each other’s payment information