DDoS (opens in a new tab) attacks on a number of airports across the United States have left them unavailable for users. While the attacks did not disrupt flights, they did affect other airline services, according to reports.
According to a BleepingComputer report, a pro-Russian hacktivist organization called KillNet took responsibility for the attacks, as websites belonging to Hartsfield-Jackson Atlanta International Airport (ATL) and the Los Angeles International Airport (LAX) were under. The former is still unavailable at press time, while the LAX website is now up and running.
The attacks also affected Denver International Airport (DIA), which is still offline. Other airports, such as Chicago O''Hare International Airport (ORD), Orlando International Airport (MCO), Phoenix Sky Harbor International Airport (PHX) and several others in Kentucky, Mississippi, and Hawaii.
Russia link?
KillNet allegedly used custom software to execute the raid, and, over the weekend, he listed the affected domains on its Telegram channel.
While it cannot be said with absolute certainty, there is rumors that KillNets'' motives are linked to the Russia/Ukraine conflict, as the organization is well-known for securing Ukraine''s friends. In Romania, Italy, Norway, and Lithuania, apparently, both have suffered attacks.
Often times, a distributed denial of service attack is performed by flooding a server with bogus requests until it can no longer handle either those or legitimate requests. It can be seen as a customer support center whose phone lines are always busy, but the calls are all bogus. DDoS attacks are sometimes used in tandem with a ransomware attack, which can result in further pressures from companies.
The threat actor would need access to a vast botnet, a network of compromised endpoints, to send bogus requests to target servers. Emotet is one of the most infamous botnets today.
Via BleepingComputer (opens in new tab)