Earlier this week, pro-Russian hacktivist group KillNet took responsibility for DDoS attacks on several US airports.
The cyberattacks claimed by KillNet impacted the websites for Los Angeles International, Chicago O’Hare, and Hartsfield-Jackson International in Atlanta, among others.
Further, on October 11, 2022, Hawaii DOHS indicated that a DDoS attack was focused on systems hosting the landing page for 15 Hawaii airport websites, including the Daniel K. Inouye International Airport. The cyberattack is suspected to be from KillNet and related to the other US airport DDoS attacks earlier in the week.
What is a DDoS Attack?
DDoS stands for “Dynamic Denial of Service.” DDoS attacks are a type of attack where attackers use “zombie” computers to flood traffic against a server. The purpose of these attacks is to overload the servers so that legitimate traffic cannot reach them. DDoS attacks are not meant to steal data or infiltrate target systems – the attackers only look to cause a loss of service. DDoS attacks can significantly impact businesses due to lost revenue and reputation damage. DDoS attacks can also seriously threaten infrastructure by causing outages of critical services. DDoS protection is, therefore, an essential consideration for businesses and organizations that rely on web-based services.
Who is KillNet?
A dangerous and capable adversary, its activities underscore the need for improved cybersecurity measures at all levels.
KillNet is a pro-Russia hacker group linked to several high-profile cyberattacks. The group comprises skilled and experienced hackers who are deeply knowledgeable about a wide range of hacking tools and techniques. They specialize in DDoS attacks, which overwhelm a website with internet traffic. While DDoS attacks are generally considered little more than a nuisance, they can knock websites offline for hours or even days.
KillNet has been active since at least 2015, and its members are believed to be based in Russia. The group has been linked to attacks on the Ukrainian power grid, the German parliament, the US presidential election, and the recent attacks on US airports, among others. KillNet’s attacks are often characterized by their sophisticated planning and execution.
Why the KillNet US Airport Attacks are Important
The DDoS attacks mean that these airports’ public-facing websites were either offline for a few hours, intermittent, or slow to respond. They did not have any direct impact on airport operations.
The attacks by KillNet have a limited aim; to manipulate our perceptions. What is their end goal in manipulating our perceptions? Why is KillNet flexing its muscles to demonstrate its prowess?
According to George Bower, CYBER-ON-CALL® CEO, “These attacks are a warning shot to further disruptions. Whether these attacks will manifest into full cyberwarfare is yet to be seen, but more serious attacks are inevitable. We must do all we can to protect our critical infrastructure,” said Bower,” and the best way of doing this would be by strengthening cyberdefense measures.”
Cyberattacks that can potentially threaten our critical infrastructures should have us saying not if but when a more powerful, more disruptive attack will happen if the proper protection is not in place.
CYBER-ON-CALL works with some of the largest airports in the US to strengthen their cybersecurity.