Over a dozen of US airport websites were compromised following a massive distributed denial-of-service (DDoS) attack by Russian hackers. The attack occurred on Monday and impacted several airport websites in the USA, including that of the Chicago O’Hare International Airport. Hartsfield-Jackson Atlanta International Airport also suffered a similar attack. Many of the affected websites remained compromised and showed blank screens or error messages.
US authorities respond to the attacks
A notorious Russian cybercriminals organization has been blamed for disrupting the website services. Several authorities have reported that the hacker group is believed to be the Russian-funded Killnet. The US Transportation Security Administration is working towards mitigating the issue and has advised the airports to immediately take action against the hackers.
The Register spoke to the US Transportation Security Administration, and one of the speakers advised the company to contact the airports about the incident directly. According to a report by CNN, the hacking didn’t directly impact the passengers, even though 14 airports were targeted in the DDoS attack. The authorities claim that the attack didn’t affect any core system files and seemed to be a “basic buy-enough-bots PR stunt.
Killnet claims responsibility for the attack
According to @AlvieriD #Chicago O'hare airport and #Atlanta airport two of the biggest in the US been having issues for several hours.#cybersecurity #infosec #RussiaUkraineWar#UkraineRussiaWar #America#cyberattack pic.twitter.com/mk16qjXTcS
— CyberKnow (@Cyberknow20) October 10, 2022
The notorious Russian hacktivist group Killnet claimed responsibility for the network-traffic flooding attack. The hacker collective have shared the names of the websites and airports compromised by the DDoS attack.
A Twitter user named CyberKnow posted the incident on Twitter, stating, “#killnet has released a target list of #USA airports. According to @AlvieriD, #Chicago O’hare airport and #Atlanta airport, two of the biggest in the US, have been having issues for several hours.
The hacker group also targeted the US states of Colorado, Kentucky, Mississippi, and others that were also affected by the DDoS attacks. The group is believed to have attacked the websites after US provided aid to Ukraine amid the ongoing the Russian-Ukraine conflict.
The Cybersecurity and Infrastructure Security Agency (CISA) is also involved in mitigations against the DDoS assaults aimed at several US airport websites. The agency is collaborating with affected parties and is providing help as required.
Killnet has been credited for multiple attacks in Lithuania, Romania, and Japan in just the last few months. In September 2022, Ukraine warned against Russian cyber terrorists intending to intensify their assaults against that nation and its allies.