(FiveNation.com)- Engineers and programmers had their hands full on Monday trying to close backdoors that allowed a series of cyberattacks on some of the nation’s largest airports.
According to a senior US official, hackers within the Russian Federation launched a series of cyberattacks on systems at multiple US airports resulting in “denial of public access” to the public-facing web domains that provide information on airport wait times and congestion.
While inconvenient, the systems targeted in the attacks do not handle air traffic control, internal airline communications, or transportation security.
More than a dozen airport websites were impacted by denial of service (DDoS) attacks that are designed to overload sites by hammering them with thousands of artificial hits simultaneously.
According to John Hultquist, head of intelligence analysis at the cybersecurity firm Mandiant, the pro-Russian hacker group “Killnet” is likely behind Monday’s attack. However, Hultquist said there is no evidence that the Russian government was involved in directing the attacks.
The DDoS attacks were first reported around 3:00 am eastern time when Port Authority notified the Cybersecurity and Infrastructure Security Agency (CISA) that the system at New York’s LaGuardia Airport had been hit.
In addition to LaGuardia, websites for Des Moines International Airport, Los Angeles International Airport, and Chicago’s O’Hare International Airport were also attacked early Monday morning.
Later in the day, Denver International Airport, the country’s 3rd busiest airport, fell under attack around 11:00 am. The attackers continued to attempt to overwhelm the website throughout the day. However, an airport spokesperson told ABC News that the attacks had not impacted the system.
At 10:30 am, Hartsfield-Jackson Atlanta International Airport reported that its site was back up and “at no time were operations at the airport impacted.”
The FlyLAX.com website for Los Angeles International Airport was only “partially disrupted” and no internal airport systems had been compromised. By 1:00 pm eastern, FlyLAX.com was back up and running.
The “Killnet” group has been active since Russia invaded Ukraine in February, targeting Ukrainian allies.
