Cyber ​​attack knocks some US airport websites offline

The websites of a handful of U.S. airports, including those in Atlanta, Chicago, New York and Los Angeles, were taken offline during a cyber attack on Monday, although officials said there was no effect on flight operations.

Executives at several airports said they notified the FBI and the Transportation Security Administration of the cyberattacks. In a statement, the FBI said it was aware of the incident but had no further information. The TSA declined to comment and referred inquiries to individual airports.

The attacks were carried out by a group of pro-Russian hackers known as Killnet, according to John Hultquist, vice president of intelligence at Mandiant, a US cybersecurity firm. Killnet called for coordinated denial-of-service attacks on cyber targets from a list it posted on its Telegram channel — a list that included several major US airports. Denial-of-service attacks occur when a target is flooded with traffic until it becomes unresponsive or crashes.

Although highly visible, Hultquist characterized such attacks as more of a “public nuisance” than serious security threats because they do not target major internal systems that could affect an airport’s operations. Still, when they do take place, he said, they are effective at attracting public attention.

Officials at the Cybersecurity and Infrastructure Security Agency, which is tasked with understanding, managing and reducing risks to the nation’s cyber and physical infrastructure, did not respond to requests for comment Monday.

The Port Authority of New York/New Jersey said LaGuardia Airport’s website experienced a denial-of-service incident around 10 p.m. 3 a.m. Monday, resulting in intermittent delays for those trying to gain access to the site.

“The Port Authority’s cybersecurity defense system did its job by detecting the incident quickly, resolving the issue in 15 minutes and enabling us to alert others by notifying federal authorities immediately,” the agency said in a statement, adding that there were no effect on any port authority facilities.

At Denver International Airport, the attack began around 11 a.m., officials said.

Los Angeles International Airport executives said in a statement that the airport’s website was partially disrupted, limited to parts of the public-facing site. They said the airport’s information technology team restored all services and is investigating the cause.

“No internal airport systems were compromised and there were no operational disruptions,” the statement said.

Leave a Comment