The attacks were carried out by a group of pro-Russian hackers called Killnet, according to John Hultquist, vice president of intelligence at U.S. cybersecurity firm Mandiant. Killnet called for coordinated denial-of-service attacks against cyber targets from a list posted on its Telegram channel that included several major US airports. A denial of service attack occurs when a target is overwhelmed with traffic until it becomes unresponsive or crashes.
Although highly visible, Hultquist describes such attacks more as a “nuisance” than a serious security threat because they do not target major internal systems that could affect airport operations. Still, he said, when they do happen, they are effective in drawing public attention.
Officials with the Cybersecurity and Infrastructure Security Agency, which is responsible for understanding, managing and mitigating risks to the nation’s cyber and physical infrastructure, did not respond to a request for comment on Monday.
The Port Authority of New York/New Jersey said the LaGuardia Airport website experienced a denial of service incident around 3 a.m. Monday, causing intermittent delays for those trying to access the site.
“The Port Authority’s cybersecurity defense system does its job by rapidly detecting incidents, resolving issues within 15 minutes, and enabling us to alert others by immediately notifying federal authorities,” the agency said in a statement. said in a statement, adding that no Port Authority facilities were affected.
At Denver International Airport, the attack began around 11 a.m., officials said.
Los Angeles International Airport officials said in a statement that the airport’s website was partially disrupted and limited to a portion of its public-facing site. The airport’s information technology team has restored all services and is investigating the cause, they said.
“No internal airport systems were compromised and there was no operational disruption,” the statement said.