Oct 11 — In the last 48 hours, websites belonging to 14 US airports, including those in Atlanta, Chicago, New York and Los Angeles, were temporarily taken offline due to cyber attacks. The attacks have not impacted flight operations.

Airport management teams notified the FBI and the Transportation Security Administration (TSA) about the attacks. In a statement, the FBI said that it was aware of the situation, but could not provide further comment.

Website defacement

Experts have characterized the attacks as more of a ‘public nuisance’ than a series of serious security threats, as they did not target major internal systems that would affect an airport’s operations.

For example, portions of the public-facing side of the Los Angeles International Airport (LAX) website were disrupted. However, LAX air travel remained unaffected. Nonetheless, the attacks have garnered significant media attention.

Killnet attackers

The attacks appear to have been carried out by a group of politically motivated hackers; collectively known as Killnet. Prior to this point, Killnet had listed a group of potential cyber attack victims on its Telegram channel. Airports were included on the list.

More information

Geopolitical conflicts appear to be spilling over into the cyber domain. In what seems to be an escalation of a recent campaign protesting the US government’s support for Ukraine, Killnet recently called on similarly aligned groups and individuals to execute Distributed Denial of Service attacks on other US infrastructure targets.

Summary

Engineers and programmers are now working to close the backdoors that enabled the Killnet group to slip through systems.

Despite the website defacements, airport systems were not compromised. No operational disruptions occurred.

For more on this story, visit The Washington Post. Lastly, get engaging stories, expert analysis and real-world reports delivered to your inbox each week – subscribe to the CyberTalk.org newsletter.