Denial-of-service attacks take US airport websites offline

(AP) – An apparently coordinated denial-of-service attack orchestrated by pro-Russian hackers rendered the websites of some major US airports unavailable early Monday, although officials said flights were unaffected.

The attacks – in which participants flood targets with junk data – were orchestrated by a shadowy group calling themselves Killnet. On the eve of the attacks, the group published a target list on its Telegram channel.

While highly visible and designed for maximum psychological impact, DDoS attacks tend to be a noisy nuisance, distinct from hacking, which involves breaking into networks, and can cause serious damage.

“We determined this morning that the external website was down and our IT and security people are investigating,” said Andrew Gobeil, a spokesman for Atlanta’s Hartsfield-Jackson International Airport. “There was no impact on operations.”

Portions of the public-facing page of Los Angeles International Airport’s website were also disrupted, spokeswoman Victoria Spilabotte said. “No internal airport systems were compromised and there were no business interruptions.”

Spilabotte said the airport has notified the FBI and Transportation Security Administration and the airport’s information technology team is working to restore all services and investigate the cause.

Several other airports that were on Killnet’s target list reported problems with their websites.

The Chicago Department of Aviation said in a statement that the websites of O’Hare International and Midway airports went offline early Monday, but airport operations were not affected.

Last week, the same group of hackers claimed responsibility for denial-of-service attacks on state government websites in several states.

John Hultquist, vice president of threat intelligence at cybersecurity firm Mandiant, tweeted that denial-of-service attacks, such as those targeting airports and state governments, are usually short-lived and “typically superficial.”

“These are not the severe effects that have been keeping us awake,” he said.

Such attacks instead tend to reveal insufficient webmaster attention to adequate website mitigation, which now includes a DDoS protection service.