Cyberattacks were unleashed upon several U.S. airports on Monday including New York LaGuardia, Atlanta, Los Angeles, Chicago O’Hare, and Des Moines. Russian hacker group Killnet is being blamed.
But all that they did was take down airport websites, through denial of service attacks. Kid stuff. No crucial systems were compromised, and a few hours later websites were back up.
A Russian cyber attack has hit the websites of multiple U.S. airports, including La Guardia, ATL, ORD, LAX and Des Moines. The attack is not affecting airport/airline/security operations, only airport websites. ATL says it just brought its website back up.
— Sam Sweeney (@SweeneyABC) October 10, 2022
After “Des Moines…?” my immediate thought was to work through whether this was a display of their real capabilities, or a warning shot? But this doesn’t signal they are capable of more. A DDoS attack against a public-facing website is something any modestly savvy teenager could launch. It doesn’t serve as a message that ‘we can reach your systems, and next time will be worse.’
Instead it’s more moderately annoying for the individual airports involved at best, the kind of attack someone would launch who wanted to say that an attack was made without actually doing one.
For several hours, some flyers were unable to:
- Learn about destinations and airlines with non-stop service to their home airport
- Check out parking rates
- Get contact information for the airport’s media relations team
Russian signals intelligence, formerly part of the FSB, is surely capable of infecting systems with malware, extracting information from systems (and has been accused of leaking information it’s garnered), and more. Russian hackers have been blamed for penetrating White House computers and for last year’s Colonial Pipeline ransomware attack.
This wasn’t nearly serious enough to serve as a warning, that U.S. cyber assets would be targeted as a result of Ukraine recapturing territory and desire to re-take Crimea, annexed by Russia in 2014. Indeed… Des Moines‘s airport website? It wasn’t an attack on ‘critical infrastructure’ or a systems penetration meant to be found as a warning.
Meanwhile the U.S. today pledged continued support for Ukraine, including advanced air defense systems. I’m surprised we haven’t seen more and more serious actions that could serve as a deterrent, coinciding with new instances of U.S. support.