Hackers knock some U.S. airport websites offline

Share

FILE - Travelers walk through Terminal 1 at O'Hare International Airport in Chicago, on Dec. 30, 2021. The websites for some major U.S. airports went down early Monday, Oct. 10, 2022, in an apparent coordinated denial of service incident, although of

Airports in Los Angeles and Atlanta were among those affected. Officials say there was no effect on operations

Websites for a handful of U.S. airports, including those in Atlanta, Chicago, New York and Los Angeles, were taken offline during a cyberattack Monday, although officials said there was no effect on flight operations.

Managers at multiple airports said they notified the FBI and the Transportation Security Administration about the cyberattacks. In a statement, the FBI said it was aware of the incident but had no additional information. The TSA declined to comment, referring inquiries to individual airports.

The attacks were carried out by a group of pro-Russian hackers known as Killnet, according to John Hultquist, vice president for intelligence at Mandiant, an American cybersecurity firm. Killnet called for coordinated denial-of-service attacks on cyber targets from a list it posted on its Telegram channel — a list that included several major U.S. airports. Denial-of-service attacks occur when a target is flooded with traffic until it can’t respond or crashes.

Though highly visible, Hultquist characterized such attacks more as a “public nuisance” than serious security threats because they don’t target major internal systems that could affect an airport’s operations. Still, when they do take place, he said, they are effective in drawing public attention.

Officials at the Cybersecurity and Infrastructure Security Agency, which is charged with understanding, managing and reducing risks to the nation’s cyber and physical infrastructure, did not respond to request for comment Monday.

The Port Authority of New York/New Jersey said LaGuardia Airport’s website experienced a denial of service incident about 3 a.m. Monday that resulted in intermittent delays for those who tried to access the site.

“The Port Authority’s cybersecurity defense system did its job by detecting the incident quickly, addressing the problem in 15 minutes, and enabling us to alert others by notifying federal authorities immediately,” the agency said in a statement, adding that there was no effect to any Port Authority facilities.

At Denver International Airport, the attack began around 11 a.m., officials said.

Los Angeles International Airport managers said in a statement the airport’s website was partially disrupted, limited to portions of the public-facing site. They said the airport’s information technology team restored all services and is investigating the cause.

“No internal airport systems were compromised and there were no operational disruptions,” the statement said. washingtonpost.com

Share