A coordinated cyber-attack took down the websites of more than a dozen US airports yesterday morning, with a pro-Russian hacker outfit known as Killnet claiming responsibility.
Notably, the attack did not have any operational impacts on the airports themselves, with no reports of air travel disruptions encountered.
Killnet called for coordinated denial-of-service attacks on cyber targets from a list it posted on its Telegram channel — a list that included several major US airports.
What was affected?
About 14 public-facing websites for several major US airports were targeted and inaccessible to the public for small periods of time.
The Port Authority of New York/New Jersey said LaGuardia Airport’s website experienced a denial-of-service incident at about 3am Monday, which resulted in intermittent delays for those who tried to access the site.
“The Port Authority’s cybersecurity defence system did its job by detecting the incident quickly, addressing the problem in 15 minutes and enabling us to alert others by notifying federal authorities immediately,” the agency said in a statement, adding that there was no effect to any Port Authority facilities.
Los Angeles International Airport managers said in a statement the airport’s website was partially disrupted, limited to portions of the public-facing site.
They said the airport’s information technology team restored all services and was investigating the cause.
“No internal airport systems were compromised and there were no operational disruptions,” the statement said.
The websites for Des Moines International Airport and Chicago O'Hare International Airport appeared impacted on Monday morning.
Later Monday, Denver International Airport, the third busiest airport in the country was also attacked.
However, website services resumed at all airports after the attacks were thwarted on the same day.
What is a denial-of-service attack?
A denial-of-service attack is a web attack aimed at shutting down a machine or a network, making it inaccessible to its intended users.
It’s usually a coordinated attack, either performed by an army of hackers, activisits or bots who target the service at the same time, making the service return a 'denial of service'.
This type of attack is very popular amongst hacktivist groups such as anonymous who are more interested in sending a message across than stealing information or money from the target.