On Monday, October 10, 2022, the web-sites of quite a few US airports have been disrupted due to a significant-scale marketing campaign of dispersed denial-of-assistance (DDoS) attacks, in which servers were flooded with web visitors to knock websites offline.
The victims include Los Angeles Intercontinental Airport (LAX), Hartsfield-Jackson Atlanta Global Airport (ATL), Chicago O’Hare Worldwide Airport (ORD), as very well as other airports in Florida, Colorado, Arizona, Kentucky, Mississippi and Hawaii.
The DDoS attacks meant that these airports’ public-facing internet sites had been both offline for a couple hrs, intermittent or gradual to reply. They did not have any direct impact on airport operations.
Some airport authorities, these as LAX, notified the Transportation Security Administration and the FBI about the incident.
Afterwards that working day, the pro-Russian hacktivist group ‘KillNet’ claimed the attack and mentioned 14 qualified domains on a Telegram channel.
This is not the to start with time KillNet has utilized this type of attack. In March 2022, they knocked a US airport’s site offline in retaliation for US guidance for Ukraine, in accordance to a federal cybersecurity advisory.
However, a number of security scientists criticized some of the US media’s initial headlines when the news broke, some of which omitted to point out the attack only impacted the airports’ sites, even though others mentioned that the team was “linked to the Russian Federation.”
“The airport attacks, like the state govt attacks prior to them, are what we make of them. DDoS is ordinarily superficial and small-lived but also remarkably seen. Their minimal goal is to manipulate our perceptions. These are not the severe impacts that have kept us awake,” John Hultquist, VP of menace intelligence at Mandiant, stated on Twitter.
“A reminder to media that KillNet is [a] bunch of young ones, not Russian point out cyber abilities,” said security pro Kevin Beaumont. “You must give protection similarly as you do to [the] IT Military of Ukraine, who DDoS targets in Russia all day incredibly successfully, and have performed for months.”
Some pieces of this report are sourced from: