Russian hackers take down 14 US airport websites. Here's what we know

14 major US airport websites were temporarily shut down due to DDoS attacks led by pro-Russian hackers who are retaliating against the Western countries' aggressive actions against Russia due to the war in Ukraine. Here's what's happening.

What happened: On October 10, 2022, 14 major US airport websites were attacked by pro-Russian hackers and were temporarily shut down. Though no airport operations were affected, nor were any flight activities changed, the large synchronised website hack seems to have originated from the Russian hacker group Killnet. 

A coordinated series of Distributed Denial of Service (DDoS) attacks seem to have hit the US airport websites after Killnet listed the US airport website domains on its Telegram channel on Sunday. These websites were then targeted by volunteers with custom software designed to overwhelm the websites with false web traffic, thus making the websites inaccessible to the public. 

Which airport websites were affected? The DDOS attacks were experienced by:

• Hartsfield-Jackson Atlanta International Airport (ATL),
• Los Angeles International Airport (LAX)
• Chicago O'Hare International Airport,
• Orlando International Airport,
• Denver International Airport, 
• Phoenix Sky Harbor International Airport, and
• other airports in Kentucky, Mississippi, and Hawaii

What are DDos attacks? Hackers usually overwhelm computer servers by sending them thousands of fake requests at the same time. As the servers can handle a limited capacity of users at a time and cannot differentiate between real and fake requests, the servers that host the airport sites end up being busy and tied up resolving these fake requests. Thus the actual travelers cannot access the airport website. That means they cannot get any updates about their scheduled flights or book airport services. 

When hackers attack important websites with DDoS attacks, they are generally a medium of gaining attention than causing significant destruction or even disruption. But if this is the beginning of a trend, the hacking could get worse and impact more people over time. 

Who was behind the mischief? Russian hacktivist group 'Killnet' took responsibility for the strike on the US websites as a way to retaliate against the aggressive actions that were taken by the Western countries against Russia. In fact, they released a video where they made serious claims about what is yet to come. Here's a translated video that is going viral on Twitter:   

❗️Hacking Group Killnet To ‘Strike’ At The Enemies Of Russia — RT Exclusive

RT has gained exclusive access to the founder of Killmilk, who says the hacker group is preparing a “huge package of evidence and revelations” against the West for its hostility towards Russia.

1/ pic.twitter.com/B4Ty1lAkui

— 🇷🇺Jacob🇷🇺Charite🇷🇺 (@jaccocharite) October 9, 2022

Is this their first time? Nope. Killnet has previously claimed responsibility for:

• being the mastermind behind the cyber attacks on organizations in Lithuania after the Baltic country blocked the shipment of some goods to the Russian enclave of Kaliningrad in June 2022.
• briefly bringing down a US Congress website in July 2022.
• hacking US Defence giant Lockheed Martin and its subsidiaries' website in August 2022. Lockheed is the supplier of the HIMARS rocket system sent to Ukraine against Russia.

The #Russian Hacker Group #Killnet has hacked #US Defence Giant #LockheedMartin Website along with its subsidiaries and affiliates. Some associated #NASA services affiliated with it also effected

Lockheed is the supplier of #HIMARS rocket system sent to #Ukraine against #Russia pic.twitter.com/kQN038vG3N

— DR. AMIT MANOHAR (@dramitmanohar) August 10, 2022

• As per CNN, on October 5, 2022, Killnet attacked various state government websites in Colorado, Kentucky, and Mississippi. The Kentucky Board of Elections website, which posts information on how to register to vote, was also temporarily offline for a day. 

How is the US responding to this mischief? Glenn Gerstell, who was previously the General Counsel of the National Security Agency from 2015 to 2020, and is now a senior advisor to the International Security Program at the Center for Strategic & International Studies in Washington, D.C told USA Today: 

It's good news that no operational systems appear to have been taken down, said Gerstell, who is now a senior advisor to the International Security Program at the Center for Strategic & International Studies in Washington, D.C. It doesn't seem to have affected airline operations or airport operations, much less airport control," he said. "But it does highlight our vulnerabilities in information technology, and how we all rely on it, whether it's just using our cell phones to check when a flight is coming or departing or the current operations at an airport that's congested."