Cyber Attack Knocks Some Us Airport Websites Offline

Managers at several airports said they notified the FBI and the Transportation Security Administration about the cyberattacks. In a statement, the FBI said it was aware of the incident but had no additional information. The TSA declined to comment, referring inquiries to individual airports. The attacks were carried out by a group of pro-Russian hackers known as Killnet, according to John Hultquist, vice president of information at Mandiant, a US cybersecurity firm. Killnet solicited coordinated denial-of-service attacks on cyber targets from a list it posted on its Telegram channel — a list that included several major US airports. Denial of service attacks occur when a target is flooded with traffic until it cannot respond or crashes. Although highly visible, Hultquist called such attacks more of a “public nuisance” than serious security threats because they don’t target large internal systems that could affect an airport’s operations. However, when they do take place, he said, they are effective in grabbing the public’s attention. Officials with the Cybersecurity and Infrastructure Security Agency, which is charged with understanding, managing and reducing risks to the nation’s cybersecurity and physical infrastructure, did not respond to a request for comment Monday. The Port Authority of New York/New Jersey said the LaGuardia Airport website experienced a denial of service incident at approximately 3 a.m. Monday that resulted in intermittent delays for those trying to access the site. “The Port Authority’s cybersecurity defense system did its job by detecting the incident quickly, resolving the issue in 15 minutes and allowing us to notify others by immediately notifying federal authorities,” the agency said in a statement, adding that there was no impact on any facilities of the Port Authority. At Denver International Airport, the attack began around 11 a.m., officials said. Administrators at Los Angeles International Airport said in a statement that the airport’s website was partially down, limited to portions of the site that are viewable by the public. They said the airport’s information technology team has restored all services and is investigating the cause. “No domestic airport systems were compromised and there were no operational disruptions,” the statement said.