US airport websites knocked offline by pro-Russia hackers

WHAT YOU NEED TO KNOW:

• Pro-Russia hackers have disrupted the websites of multiple U.S. airports through denial-of-service (DDoS) attacks.
• There were no reported flight disruptions but the downed websites inconvenienced customers seeking to book flights.
• The affected airports included Atlanta Hartsfield-Jackson International Airport, Chicago O’Hare International Airport, and New York City’s LaGuardia Airport,

An apparently coordinated denial-of-service attack organized by pro-Russia hackers rendered the websites of some major U.S. airports unreachable early Monday, though officials said flights were not affected.

The attacks were orchestrated by a shadowy group that calls itself Killnet. On the eve of the attacks the group published a target list on its Telegram channel.

While highly visible and aimed at maximum psychological impact, DDoS attacks are mostly a noisy nuisance, different from hacking that involves breaking into networks and can do serious damage.

“We noticed this morning that the external website was down, and our IT and security people are in the process of investigating,” said Andrew Gobeil, a spokesman for Atlanta’s Hartsfield-Jackson International Airport. “There has been no impact on operations.”

Portions of the public-facing side of the Los Angeles International Airport website were also disrupted, spokeswoman Victoria Spilabotte said. “No internal airport systems were compromised and there were no operational disruptions.”

Spilabotte said the airport notified the FBI and the Transportation Security Administration, and the airport’s information-technology team was working to restore all services and investigate the cause.

Several other airports that were included on Killnet’s target list reported problems with their websites. Orlando International Airport told CBS News that its site was affected but is back online and that airport operations were not impacted.

The Chicago Department of Aviation said in a statement that websites for O’Hare International and Midway airports went offline early Monday but that no airport operations were affected.

Last week, the same group of hackers claimed responsibility for denial-of-service attacks on state government websites in several states.

John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, tweeted that denial-of-service attacks like those aimed at the airports and state governments are usually short in duration and “typically superficial.”

Such attacks instead tend to reveal insufficient attention by webmasters to adequate bulletproofing of sites, which now includes DDoS protection service.

Source: ABC News