Monday, 10 October 2022

Pro-Russia Hackers Claim DDOS Attacks Against US Airport Websites

(Credit: Bloomberg/Getty Images)
A group of pro-Russia hackers called KillNet have claimed an ongoing series of distributed denial-of-service (DDoS) attacks against American airport websites. The attacks, which started early Monday, have impacted several major travel hubs including Los Angeles International Airport (LAX) and Hartsfield-Jackson Atlanta International Airport (ATL). Phoenix Sky Harbor International Airport (PHX), Orlando International Airport (MCO), Denver International Airport (DIA), and several other airports across the country have also been affected. The website for Chicago O’Hare International Airport (ORD) still appears to be down at the time of writing. So far, none of the impacted airports have reported changes to actual on-the-ground operations.

KillNet is an openly pro-Russia “hacktivist” group thought to have formed shortly after Russia’s invasion of Ukraine. On Monday morning, the group posted a list of US airport websites to its Telegram channel, using the header “Your way out hackers, the list below is for you!” Just a few hours later, KillNet posted a screenshot from The Hunger Games movie franchise with the text “Let the Hunger Games begin in USA 2022.”

As with any DDoS attack, the group appears to have been using its own software to flood airports’ websites with artificial traffic, resulting in temporary incapacitation. Target websites are unavailable for extended periods of time, intermittently unavailable, or extremely slow to load. Some that have recovered from the attack (like ATL) now have firewalls inspecting individual requests before allowing users to access the domain.

While in-person airport operations have reportedly remained stable, the incapacitated websites likely made it difficult for travelers and their families to look up flight information, use online maps to navigate affected airports, or sort out their transportation plans. Some airport websites also help travelers book flights and obtain parking passes, meaning the attacks were not without economic impact.

KillNet, like most hacktivist groups, is not knowingly associated with any Russian government entity. That said, these DDoS attacks are believed to be the group’s latest attempt to “punish” the US for providing Ukraine with weapons and intelligence over the last several months. A few days ago KillNet attacked several US government websites, including Colorado’s state web portal, Mississippi’s state website, and Kentucky’s Board of Elections website, using similar measures. None of the attacks resulted in lasting damage, and all three sites are working normally at the time of writing.

Now Read:



No comments:

Post a Comment