Los Angeles International Airport is Back Up and Running after a Hacker Gossing Through its Web Site: A Response to a Call to Action
There was no impact on flights after several U.S. airport websites were taken down by a pro-Russian hacker group.
The website of the Los Angeles International Airport seemed to be back up and running this morning after being offline for a while. A spokesman did not immediately return a request for comment.
To be sure, a flurry of suspected Russian cyberattacks have hit various Ukrainian industries, and some of the hacks have correlated with Russia’s military objectives. But the kind of high-impact hack that takes out power or transportation networks have largely been missing.
The type of cyberattack used by Killnet is known as “distributed denial of service” (DDoS), in which hackers flood computer servers with phony web traffic to knock them offline.
There is still a large place for distributed denial of service attacks within modern hacktivism. The FBI says the people behind the attacks have very little impact on their victims. The FBI says that hacktivists often use targets perceived to be more significant than actual disruptions of operations. In other words: The bark is often worse than the bite.
Other U.S. sites that could be affected by a similar attack include sea terminals and logistical facilities, weather monitoring centers, health care systems, subway systems, and exchanges and online trading systems.
The group urged hackers to participate in a distributed denial of service attack which is when a computer network is flooded with simultaneous data transmissions.
The group’s call to action included airports across the country, including Alabama, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, and Missouri.
“The service interruption was limited to portions of the public facing FlyLAX.com website only. There were no operational disruptions or compromised internal airport systems, the spokeswoman said in an email.
She added that the airport’s information technology team has restored all services and is investigating the cause. Officials have also notified the FBI and the Transportation Security Administration.
By about 1 p.m. in Atlanta, authorities said ATL.com was “up and running after an incident early this morning that made it inaccessible to the public.” Some people complained about the site being unavailable for several hours after the announcement was made.
The group congratulated a handful of teams they claimed helped push the sites offline, writing, “Who is participated in the liquidation of the United States of America, Do not stop!!”
It was alleged that the group launched another wave of cyberattacks last week. The group credit was given for encouraging hacker to down state government sites.
Both campaigns appear to have been prompted by anti-U.S. sentiment for the country’s involvement in the ongoing war in Ukraine, as Russian President Vladimir Putin presses on with the invasion despite severe economic sanctions.
The recent Russian strikes on Ukrainian energy infrastructure were an unmistakable sign of that. It was the Russian military hacking that led to the fall of a quarter million Ukrainians in 2015.
By Monday 40% of the people of Kyiv were without water and there were widespread power disruptions across the country. Ukrainian President Volodymyr Zelensky accused Russia of “energy terrorism” and declared that about 4.5 million Ukrainian consumers were cut off from the power supply.
The Russian Cyber Attacks on the Ukrainian Bridge: “Not Petya” Kills Ukrainian Cyber Officials During Ukraine’s Hybrid War
Effectively combining cyber and kinetic operations “requires a high degree of integrated planning and execution,” argued a US military official who focuses on cyber defense. There is no way that the Russians can pull that sh*t off between their aviation, assault and ground forces.
Putin was trying to go for a showy response to the attack on the bridge after it happened as he had to plan cyber operations for months, a senior US official said.
Ukrainian cyber officials have had to dodge shelling for a while, since they are protecting the government networks from Russia and criminal hackers.
The State Service of Special Communications and Information Protection ( Sputnik) said in a press release that they were killed in missile attacks on October 10. The four officials did not have cybersecurity responsibilities, but their loss has weighed heavily on cybersecurity officials at the agency during another grim month of war.
“I don’t think Russia would measure the success in cyberspace by a single attack,” the Western official said, rather “by their cumulative effect” of trying to wear the Ukrainians down.
In 2017, as Russia’s hybrid war in eastern Ukraine continued, Russia’s military intelligence agency unleashed destructive malware known as NotPetya that wiped computer systems at companies across Ukraine before spreading around the world, according to the Justice Department and private investigators. The incident cost the global economy billions of dollars.
That operation involved identifying widely used Ukrainian software, infiltrating it and injecting malicious code to weaponize it, said Matt Olney, director of threat intelligence and interdiction at Talos, Cisco’s threat intelligence unit.
The end product was just as effective as the various measures that were taken to respond to the cyber incidents. “And that takes time and it takes opportunities that sometimes you can’t just conjure.”
Source: https://www.cnn.com/2022/11/05/politics/russia-cyber-attacks-missiles-ukraine-blackouts/index.html
Russia’s cyber arsenal has not been communicated to the international community for months – a remark on the past four or five years
Zhora, the Ukrainian official who is a deputy chairman at SSSCIP, called for Western governments to tighten sanctions on Russia’s access to software tools that could feed its hacking arsenal.
“We should not discard the probability that [Russian government hacking] groups are working right now on some high-complexity attacks that we will observe later on,” Zhora told CNN. Russian military hackers and government controlled groups are not likely to be on vacation or out of business.
Tanel Sepp, Estonia’s ambassador-at-large for cyber affairs, told CNN that it’s possible the Russians could turn to a “new wave” of stepped up cyberattacks as their battlefield struggles continue.
“Our main goal is to isolate Russia on the international stage” as much as possible, Sepp said, adding that the former Soviet state has not communicated with Russia on cybersecurity issues in months.
It was definitely withering for a long period of time, says the principal threat researcher at the security firm. For the past four or five years, Guerrero-Saade explains, hacktivism has often existed at extremes: low-level disruptions and more sophisticated attacks that could be cover for a nation-state’s hacking. There are so many more players in the space and a lot of beefier middle ground between those two extremes.