December 6, 2022

Cyber ​​attacks have been reported at US airports

Some of the country’s biggest airports have been targeted Cyber ​​attacks Monday by an attacker inside the Russian Federation, a senior official confirmed the situation to ABC News.

Importantly, targeted systems do not deal with air traffic control, internal aircraft communications and coordination, or traffic safety.

“It’s a strain,” the source said. The target resulted in a “public denial of access” to public Internet domains reporting airport wait times and congestion.

A dozen airport websites were affected by the “denial of service” attack, John Hultquist, head of intelligence analysis at cybersecurity firm Montiant, told ABC News. That type of attack overloads sites by flooding them with artificial users.

According to Hultquist, “Gilnet”, a pro-Russian hacker group, is believed to be behind the attack. While similar groups have been found to be fronting state-backed actors, Hultquist said there is no evidence the Russian government was involved in directing the attack.

The attacks were first reported around 3 a.m. ET when the Port Authority notified the Cybersecurity and Infrastructure Protection Agency that the LaGuardia Airport system had been attacked. LaGuardia was restored, but other airports around the country were later targeted.

Websites for Des Moines International Airport, Los Angeles International Airport (LAX) and Chicago O’Hare International Airport were affected Monday morning.

Hartsfield-Jackson Atlanta International Airport said By about 10:30 a.m. ET, the site was back in operation and “airport operations were not affected at any time.”

“Early this morning, the website experienced a partial disruption,” LAX said in a statement to ABC News. “The service interruption was limited to the public facing areas of the website. No internal airport systems were compromised and there were no operational disruptions.”

LAX said its website was back up and running shortly before 1 p.m. ET.

The “Gilnet” group has been active in Ukraine since the start of the war, targeting Ukrainian allies and recently claiming credit for taking down government websites in the United States, operating internationally and known to carry out attacks across Europe, according to cybersecurity experts. .

Engineers and programmers are working hard to close backdoors that allow attacks and improve critical computer infrastructure.

Jamming attacks like the one seen Monday morning are highly visible but often superficial and often temporary, Hultquist said.

ABC News’ Alex Stone contributed to this report.