US airports are being hit by DDoS attacks from Russia

(Image credit: Pixabay)

The websites of a number of airports across the United States have been hit with distributed denial of service (DDoS) attacks, rendering them unavailable for users. While the attacks did not disrupt flights, they did affect other airline services, it was said.

According to a BleepingComputer report, a pro-Russian hacktivist group called KillNet took responsibility for the attacks, as websites belonging to Hartsfield-Jackson Atlanta International Airport (ATL) and the Los Angeles International Airport (LAX) went under. The former is still unavailable at press time, while LAX’s website is now up and running. 

The attacks also affected Denver International Airport (DIA), which is still offline. Other airports, whose websites have recovered in the meantime, include Chicago O'Hare International Airport (ORD), Orlando International Airport (MCO), Phoenix Sky Harbor International Airport (PHX), and a number of others in Kentucky, Mississippi, and Hawaii.

Allegedly, KillNet used custom software to conduct the raid, and over the weekend listed the affected domains on its Telegram channel.

While it can’t be said with absolute certainty, there is speculation that KillNet’s motives are linked to the Russia - Ukraine conflict, as the group is known for targeting Ukraine’s allies. Apparently, companies in Romania, Italy, Norway, and Lithuania, have all suffered attacks in the past.

A distributed denial of service attack is performed by flooding a server with bogus requests until it can no longer handle either those or legitimate requests. You can think of it as a customer support center whose phone lines are always busy, but the phone calls are all bogus. DDoS attacks are sometimes used in pair with a ransomware attack, to further pressure companies into paying the ransom. 

To successfully pull off a DDoS attack, the threat actor would need access to a vast botnet, a network of compromised endpoints to send bogus requests to target servers. One of the most infamous botnets these days is Emotet.

Via BleepingComputer

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.