Russian Cybercriminals Hacked Multiple American Airports Websites

Russian hackers disrupted the operations of at least one dozen websites of different American airports on Monday.

Just last week, the same group of hackers also breached websites of many state governments in America, including the websites of Colorado, Mississippi, and Kentucky.

In July, the same group even took down the website of the US Congress.

Airports Websites Under Attack

According to CNN, the hackers belonged to a Russian-based group, Killnet. CNN added that Killnet is not associated directly with the Russian government.

Killnet is usually involved in distributed denial of service (DDoS) attacks. The hackers drive so much traffic to the websites at once that the websites stop responding to more users, as they run out of resources.

On Monday morning, Killnet posted the list of 49 American airports websites on its telegram account and asked its 91,000 subscribers to visit the websites at once.

The group noted it is looking to commit DDoS attacks on American civilian facilities, adding that many hospitals and weather monitoring websites are also on their target.

Likewise, Killnet encouraged other anti-American groups to continue their hacking operations against the United States.

Some of the prominent airports affected by the cyberattack were the LaGuardia Airport in New York City, as well as international airports in Chicago, Atlanta, and Los Angeles.

Airport websites usually host sensitive flight data. If hackers manage to penetrate into the security systems of these websites, many flights are even vulnerable to accidents. Hackers can send flawed signals to aircraft flying with hundreds of passengers.

This is not the first time that Killnet asked its subscribers to kill websites. In fact, the hacker group frequently posts different lists of the websites and asks any potential hacker to join them in disrupting those websites.

Federal Agencies Vow to Protect Airport Websites From Cybercriminals

One anonymous senior aviation official stated the cyberattack on the airports’ websites did not disrupt the flight schedule, air traffic control, or any other major website operation.

However, the official noted the attack was enough to cause inconvenience among passengers who wanted to access the information using the websites.

So, passengers and their relatives were unable to access the flight waiting times on the websites, as well as the capacity information of the flights.

Later on, different airport administrations notified the media their websites were back online and they resumed all operations. 

Meanwhile, the Transport Security Administration (TSA) and FBI have started investigations against cyberattacks. The US Cybersecurity and Infrastructure Agency also indicated it is working with all the affected airports to help them in resuming their operations.

The same sort of cyberattack also happened in Germany, where hackers disrupted the communication networks in the railway system of the country.

German officials did not accuse any foreign actor of conducting the cyberattacks.

This article appeared in TheDailyBeat and has been published here with permission.