The attacks were carried out by a group of pro-Russian hackers known as Killnet, according to John Hultquist, vice president for intelligence at Mandiant, an American cybersecurity firm. Killnet called for coordinated denial-of-service attacks on cyber targets from a list it posted on its Telegram channel — a list that included several major U.S. airports. Denial-of-service attacks occur when a target is flooded with traffic until it can’t respond or crashes.
Though highly visible, Hultquist characterized such attacks more as a “public nuisance” than serious security threats because they don’t target major internal systems that might affect an airport’s operations. Still, when they do take place, he said, they are effective in drawing public attention.
Officials at the Cybersecurity and Infrastructure Security Agency, which is charged with understanding, managing and reducing risks to the nation’s cyber and physical infrastructure, did not respond to request for comment Monday.
The Port Authority of New York/New Jersey said LaGuardia Airport’s website experienced a denial of service incident regarding 3 a.m. Monday that resulted in intermittent delays for those who tried to access the site.
“The Port Authority’s cybersecurity defense system did its job by detecting the incident quickly, addressing the problem in 15 minutes, and enabling us to alert others by notifying federal authorities immediately,” the agency said in a statement, adding that there was no effect to any Port Authority facilities.
At Denver International Airport, the attack began around 11 a.m., officials said.
Los Angeles International Airport managers said in a statement the airport’s website was partially disrupted, limited to portions of the public-facing site. They said the airport’s information technology team restored all services and is investigating the cause.
“No internal airport systems were compromised and there were no operational disruptions,” the statement said.