DALLAS – A Russian cyber attack has targeted the websites of airports in New York, Atlanta, Los Angeles, Chicago, and Des Moines. The attack did not affect airport operations, only their websites.
Monday morning, the websites for Des Moines International Airport (DSM), Los Angeles International Airport (LAX), and Chicago O’Hare International Airport (ORD) all looked to be down.
A source person briefed on the matter told ABC News that an attacker within the Russian Federation targeted some of the country’s busiest airports for cyberattacks on Monday. The targeted systems do not handle air traffic control, internal airline communications, and coordination, or transportation security.
“It’s an inconvenience,” the source said. The attacks have resulted in targeted “denial of public access” to public-facing web domains that report airport wait times and congestion.
Over a dozen airport websites were impacted by the Denial-of-Service (DoS) attack, according to John Hultquist, head of intelligence analysis at the cybersecurity firm Mandiant who spoke to ABC.
A DoS attack is one meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic or sending it information that triggers a crash.
Many US travelers check airport websites for arrival and departure times, flight delays, and perhaps to learn about the airport layout, parking, and food options, so it is not clear if this is a strategic victory for Russian hackers.
Airport Operations Intact
The Port Authority told the Cybersecurity and Infrastructure Security Agency that the LaGuardia Airport (LGA) system had been attacked around 3 a.m. ET. LaGuardia has been reopened, but other airports across the country have been targeted since.
Hartsfield-Jackson Atlanta International Airport reported around 10:30 a.m. ET that its site is back up and running and that “at no time were operations at the airport impacted.” At the time of this writing, the ATL website is still down (see image below).
“Early this morning, the FlyLAX.com website was partially disrupted,” LAX said in a statement to ABC News. “The service interruption was limited to portions of the public-facing FlyLAX.com website only. No internal airport systems were compromised and there were no operational disruptions.”
Engineers and programmers began work to close the backdoors that enabled the attacks and to secure more crucial computer systems.
Featured image: Atlanta International Airport. Photo: By redlegsfan21 from Vandalia, OH, United States – Hartsfield-Jackson Atlanta International Airport, CC BY-SA 2.0