Websites of a number of airports across the United States have been hit with DDoS attacks
Distributed denial of service (DDoS) attacks have taken down the websites of several airports around the United States, making them inaccessible to travelers. According to reports, flights themselves were not affected by the attacks, but other airline services were. A report by BleepingComputer claims that the attacks on the Hartsfield-Jackson Atlanta International Airport (ATL) and the Los Angeles International Airport (LAX) websites were carried out by a pro-Russian hacktivist organization known as KillNet. At this time, the latter is still down, while the LAX website is live.
Denver International Airport (DIA) was also shut down as a result of the attacks. Since the first outage, the websites for Chicago O’Hare International Airport (ORD), Orlando International Airport (MCO), Phoenix Sky Harbor International Airport (PHX), and several others in Kentucky, Mississippi, and Hawaii have all been fixed.
KillNet allegedly utilized bespoke software to carry out the operation, and it posted a list of the compromised sites to its Telegram channel over the weekend. Although it is impossible to know for sure, KillNet has been linked to the war between Russia and Ukraine because of its history of attacking Ukraine’s supporters. Companies in Romania, Italy, Norway, and Lithuania have apparently all been attacked before.
The goal of a distributed denial of service attack is to overwhelm a server with fake requests until it crashes. Imagine a help desk that never stops receiving calls, but all of them turn out to be from fake customers. To increase the pressure on businesses to pay the ransom, DDoS attacks are frequently employed in tandem with ransomware attacks. To launch a distributed denial of service (DDoS) assault, a threat actor needs access to a large botnet, which is a collection of hacked devices used to deliver spam requests to the targeted servers. Emotet is a notorious botnet that has gained a lot of notoriety recently.