Cyberattack temporarily takes down websites for O'Hare and Midway airports
CHICAGO (CBS) -- A cyberattack on Monday shut down the websites for O'Hare and Midway airports, and several other large airports across the country.
An FBI spokesperson confirmed they were aware of the cyberattack that took down flychicago.com for part of the morning on Monday, but would not confirm or deny if they were investigating.
The O'Hare and Midway websites were down for at least a few hours Monday morning, but was back up and running early Monday afternoon.
The Chicago Department of Aviation said in a statement that no airport operations were affected.
"City of Chicago IT staff worked diligently to restore the website's functionality shortly after noon CT, and they continue to vigilantly monitor the situation," the department said in the statement. "The City's Information Security Office at the Department of Assets, Information and Services is investigating the cause of the outage."
CNN reports Russian-speaking hackers claimed responsibility for cyberattacks against more than a dozen airport websites, including Los Angeles International Airport.
No immediate signs of impact to actual air travel were reported, suggesting the issue may be an inconvenience for people seeking travel information.
"Obviously, we're tracking that, and there's no concern about operations being disrupted," Kiersten Todt, Chief of Staff of the US Cybersecurity and Infrastructure Security Agency (CISA), said Monday at a security conference in Sea Island, Georgia.
The 14 websites include the one for Atlanta's Hartsfield-Jackson International Airport. An employee there told CNN there were no operational impacts.
The Los Angeles International Airport website was offline earlier but appeared to be restored shortly before 9 a.m. Eastern. A spokesman did not immediately return a request for comment.
The hacking group known as Killnet listed multiple US airports as targets. It stepped up activity to target organizations in NATO countries after Russia's February invasion of Ukraine. The loosely organized "hacktivists" are politically motivated to support the Kremlin but ties to Moscow are unknown.
The group claimed responsibility last week for knocking offline US state governments websites. Killnet is blamed for briefly downing a US Congress website in July and for cyberattacks on organizations in Lithuania after the country blocked shipment of goods to the Russian enclave of Kaliningrad in June.
The type of cyberattack used by Killnet is known as "distributed denial of service" (DDoS), in which hackers flood computer servers with phony web traffic to knock them offline.
"DDoS attacks are favored by actors of varying sophistication because they have visible results, but these incidents are usually superficial and short lived," John Hultquist, a vice president at Google-owned cybersecurity firm Mandiant, told CNN.
A Transportation Security Administration spokesperson said the agency is monitoring the issue and working with airport partners.
With less than a month until Election Day, Prof. Bill Kresse of Governors State University said governments and businesses should be doubling down by protecting against breaches and online phishing scams that allow hackers into vulnerable areas. He said the attacks were a message to allies of Ukraine to "back off."
"It could be interpreted that they don't want to do anything major that might cause major repercussions, but this is something which will be noticed," Kresse said. "It was really more signaling than anything else ... The message we should take from this: playtime's over. It's time we really take our precautions seriously."
