An apparently co-ordinated denial-of-service attack organized by pro-Russia hackers rendered the websites of some major U.S. airports unreachable early Monday, though officials said flights were not affected.
The attacks — in which participants flood targets with junk data — were orchestrated by a shadowy group that calls itself Killnet. On the eve of the attacks the group published a target list on its Telegram channel.
While highly visible and aimed at maximum psychological impact, DDoS attacks are mostly a noisy nuisance, different from hacking that involves breaking into networks and can do serious damage.
“We noticed this morning that the external website was down, and our IT and security people are in the process of investigating,” said Andrew Gobeil, a spokesman for Atlanta’s Hartsfield-Jackson International Airport. “There has been no impact on operations.”
Portions of the public-facing side of the Los Angeles International Airport website were also disrupted, spokeswoman Victoria Spilabotte said. “No internal airport systems were compromised and there were no operational disruptions.”
Spilabotte said the airport notified the FBI and the Transportation Security Administration, and the airport’s information-technology team was working to restore all services and investigate the cause.
Several other airports that were included on Killnet’s target list reported problems with their websites.
The Chicago Department of Aviation said in a statement that websites for O’Hare International and Midway airports went offline early Monday but that no airport operations were affected.
Last week, the same group of hackers claimed responsibility for denial-of-service attacks on state government websites in several states.
John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, tweeted that denial-of-service attacks like those aimed at the airports and state governments are usually short in duration and “typically superficial.”
“These are not the serious impacts that have kept us awake,” he said.
Such attacks instead tend to reveal insufficient attention by webmasters to adequate bulletproofing of sites, which now includes DDoS protection service.