U.S. airport websites knocked offline in apparent pro-Russia hacking attack
An apparently coordinated denial-of-service attack organized by pro-Russia hackers rendered the websites of some major U.S. airports unreachable early Monday, though officials said flights were not affected.
The attacks — in which participants flood targets with junk data — were orchestrated by a shadowy group that calls itself Killnet. On the eve of the attacks the group published a target list on its Telegram channel.
While highly visible and aimed at maximum psychological impact, DDoS attacks are mostly a noisy nuisance, different from hacking that involves breaking into networks and can do serious damage.
"We noticed this morning that the external website was down, and our IT and security people are in the process of investigating," said Andrew Gobeil, a spokesman for Atlanta's Hartsfield-Jackson International Airport. "There has been no impact on operations."
Portions of the public-facing side of the Los Angeles International Airport website were also disrupted, spokeswoman Victoria Spilabotte said. "No internal airport systems were compromised and there were no operational disruptions."
Spilabotte said the airport notified the FBI and the Transportation Security Administration, and the airport's information-technology team was working to restore all services and investigate the cause.
Several other airports that were included on Killnet's target list reported problems with their websites. Orlando International Airport told CBS News that its site was affected but is back online and that airport operations were not impacted.
The Chicago Department of Aviation said in a statement that websites for O'Hare International and Midway airports went offline early Monday but that no airport operations were affected.
"Early Monday, FlyChicago.com and related websites for O'Hare and Midway international airports went offline. No airport operations were affected. City of Chicago IT staff worked diligently to restore the website's functionality shortly after noon CT, and they continue to vigilantly monitor the situation. The City's Information Security Office at the Department of Assets, Information and Services is investigating the cause of the outage," the department said in a statement.
Last week, the same group of hackers claimed responsibility for denial-of-service attacks on state government websites in several states.
John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, tweeted that denial-of-service attacks like those aimed at the airports and state governments are usually short in duration and "typically superficial."
"These are not the serious impacts that have kept us awake," he said.
Such attacks instead tend to reveal insufficient attention by webmasters to adequate bulletproofing of sites, which now includes DDoS protection service.