Updated October 13, 2022
Hackers affiliated with pro-Russia groups Killnet, Anonymous Russia and NoName057(16) have executed distributed denial of service (DDoS) attacks on multiple websites associated with the U.S. airline industry, causing temporary website outages.
A cybersecurity alert from Radware detailed the attacks, citing an interview from Killnet founder and hacker KillMilk wherein the founder announced the coordinated targeting of U.S. critical infrastructure over the coming days. The founder claimed that the U.S. private sector is "100% vulnerable" to cyberattacks and promoted a conspiracy theory claiming the U.S. created COVID-19.
On October 10, 2022, Killnet leadership released a list of airport websites for its members to target with DDoS attacks. Throughout the day, NoName057(16) and Anonymous Russia also released lists containing potential targets.
According to the Radware threat alert, the websites of the Los Angeles International Airport (LAX), Hartsfield-Jackson Atlanta International Airport (ATL), and Phoenix Sky Harbor Airport (PHX), and the City of Chicago's air travel website temporarily went offline.
The Transportation Security Agency (TSA) said the attacks "did not disrupt airport operations or access to information," reported Reuters.
"It is important to note that denial-of-service attacks typically do not cause lasting damage. Still, those with unprotected assets or inadequate mitigation services may experience prolonged outages due to a DDoS attack from threat groups such as Killnet or NoName057(16)," noted the report.
Sectors including transportation, healthcare, finance and shipping are expected to be targets, according to the report.
For more threat intelligence, read the full report.