The DDoS attacks affected the websites of major U.S. airports, including Los Angeles International (LAX), Hartsfield-Jackson International (ATL), and Chicago O’hare (OHD). While the attacks made their websites slow or temporarily unavailable, it doesn’t seem to have affected flight schedules or other activities at these airports. The incident reportedly only impacted the public-facing side of the airport websites. So far, none of the airports have reported a breach of its systems. At the time of this writing, only a few websites were accessible. Meanwhile, Killnet claims it blocked the network infrastructure of JPMorgan Chase & Co late on Monday. However, JPMorgan has been quick to dismiss the alleged exploit. A spokesperson for the bank said while they are aware of the supposed compromise, there has been no noticeable effect on its systems. “We continue to closely monitor activity,” the spokesperson said.
Killnet’s Campaign to Disrupt U.S. Services
In a message on Telegram before the attack, Killnet listed the websites of over two dozen airports in various states. It is unclear if the group managed to disrupt all their targets. Killnet is known to carry out DDoS attacks on targets in countries that oppose Russia’s ongoing invasion of Ukraine. Earlier this year, the group launched DDoS attacks on government and private organizations in Lithuania. Until recently, Killnet’s targets have mainly been in Europe. However, the group appears to be shifting its focus to the U.S. Last week, Killnet launched DDoS attacks on several state government websites in the U.S. The group is intent on orchestrating DDoS attacks on other U.S. organizations. Killnet has reportedly identified other vulnerable targets, which include the websites of sea terminals and logistics facilities, healthcare systems, subway transport systems, weather monitoring services, and exchanges and online trading systems.
What is a DDoS Attack?
DDoS is a cyberattack where a malicious actor attempts to overwhelm a targeted website with internet traffic. DDoS attacks place a heavy load on the target’s servers, and this eventually causes the website to become unavailable. You can check out our detailed explainer on DDoS attacks to learn more. Killnet reportedly uses custom software to create fake requests and direct traffic to the targeted websites. While a DDoS attack can affect websites and web-based services, its effect is disruptive at best. John Hultquist, vice president at Google’s Mandiant cybersecurity firm, played down the significance of DDoS attacks. “DDoS attacks are favored by actors of varying sophistication because they have visible results, but these incidents are usually superficial and short lived,” Hultquist told CNN. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigations (FBI) are reportedly looking into Killnet’s recent attacks on U.S. organizations.