Hackers Took Down US Airport Websites - The Department Of Homeland Security Confirms
The Department of Homeland Security confirms that hackers took down US airport websites. An official from the Department of Homeland Security confirmed to USA TODAY that on Monday, unknown hackers attacked and temporarily disabled the websites that were accessible to the public of at least several of the largest airports in the United States.
The official from the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, or CISA, declined to comment on who might have been responsible for what appeared to be a coordinated series of distributed denial of service (DDoS) incidents. These incidents, which did not affect the actual operations of the airports or the planes flying into and out of them, were referred to as "DDoS."
The CISA is aware of reports of distributed denial of service attacks that targeted multiple airport websites in the United States.
COPYRIGHT_BUG: Published on https://www.bugbog.com/hackers-took-down-us-airport-websites/ by Velma Battle on 2022-10-12T03:16:02.931Z
They are coordinating with potentially impacted entities and offering assistance as needed, said the official, who declined to speak on the record or provide any additional information regarding the cyberattacks or who might have been responsible for them.
They are also offering assistance as needed, the official added. According to the official Twitter account of the Russian service of the Voice of America, Russian-speaking "hacktivists" from a group calling themselves KillNet claimed responsibility for the attacks, which took down websites at 14 airports, including Hartsfield-Jackson Atlanta International Airport (ATL) and Los Angeles International Airport (LAX).
Other airports affected by the attacks included San Francisco International Airport (SFO) and Denver International Airport (DEN). According to CISA, Distributed Denial of Service attacks (DDoS) are utilized to flood computer servers with many thousands of requests all at once in an effort to take them offline.
According to Frank Cilluffo, a former official in charge of cybersecurity for the White House, the servers that host the websites for the airports were inundated with thousands of requests during this incident. As a result, it was nearly impossible for passengers to connect to the websites in order to get updates about their scheduled flights or to book airport services.
According to Cilluffo, the purpose of attacks of this nature is typically not to cause significant destruction or even disruption, such as shutting down airport operations. Rather, the goal is to attract attention to the incident.
According to Cilluffo, director of the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University, that they are not trivial, and in this case they could be the beginnings of a larger trend.
Although this incident was most likely the work of 'hacktivists' who are sympathetic to Russia, it highlights the likelihood that they will see more cyber activity that is disruptive to their systems in the future.
More importantly, cyber activity cannot be treated in isolation from broader geopolitics, and it is necessary to differentiate between annoyances caused by hacktivists and more significant cyber incidents sponsored by Russia or its proxies that target our critical infrastructure and critical services, Cilluffo stated this to USA TODAY.
Regarding the latter, they need to continue keeping their guard up and keeping their eyes on the ball at all times. Chief of Staff Kiersten Todt at CISA stated that the organization is on high alert. According to CNN, Todt stated the following on Monday during a security conference in Sea Island, Georgia:
Obviously we’re tracking that, and there’s no concern about operations being disrupted.
- Chief of Staff Kiersten Todt
According to CNN, KillNet launched attacks against additional U.S. targets last week, including the government websites of the states of Colorado, Kentucky, and Mississippi.
Glenn Gerstell, the National Security Agency's general counsel from 2015 to 2020, said such attacks are notoriously difficult to blame, especially so soon after such a broad and seemingly coordinated series of incidents. However, he believes the Russian government, possibly through private-sector hacker groups, is by far the most likely suspect.
It's hard to believe it's the work of just random criminals or teenage hackers just having fun, because it does seem to be coordinated with an attack on multiple major airline airport websites. It does certainly illustrate our vulnerability here in the United States to cyberattacks attributable to actions and political events that happen halfway around the world.
- Glenn Gerstell
Gerstell stated, who also served on President Barack Obama's National Infrastructure Advisory Council. Threats to the nation's infrastructure are reported to the president and the secretary of Homeland Security by the council.
According to Gerstell, who is now a senior adviser to the International Security Program at the Center for Strategic and International Studies in Washington, D.C., the fact that no operational systems appear to have been taken down is good news.
It doesn't appear to have impacted airline or airport operations, let alone airport control, Gerstell said. However, it does highlight their vulnerabilities in information technology and how much they all rely on it, whether it's just checking when a flight is arriving or departing or the current operations at a congested airport.