Pro-Russian hackers who targeted Kentucky government websites last week appear to have affected websites at US airports inside and outside the Commonwealth.
At least five US airports reported temporary website outages that occurred on Monday. Muhammad Ali International Airport in Louisville and CVG Airport near Cincinnati were among those affected.
The website issues arose after Russian hacker group Killnet posted an online message containing dozens of US airport website URLs, encouraging hackers to target them.
Muhammad Ali International is overseen by the Louisville Regional Airport Authority. Natalie Chaudoin, director of public relations for the authority, said in a statement Tuesday that the website problems began around 1:45 p.m. Monday and ended by late afternoon.
“There was no impact on airport operations or the Louisville Regional Airport Authority’s internal network during this time,” Chaudoin said.
While she acknowledged the timing of the outage coincided with other US airports, she said there were “no confirmed sources of the issues.”
However, Mindy Kershner, CVG’s senior director of communications, directly attributed the disruptions to its airport website to part of a larger-scale attack.
“The CVG airport website was impacted intermittently [Monday] due to DDoS attacks. No other airport system has been compromised,” Kershner said in a statement.
According to Ken Calvert, a professor at the University of Kentucky who teaches network security, distributed denial of service, or DDoS, the attacks work by hacking into people’s computers. Hackers install software on them to send large amounts of information to the website they are targeting. This can cause connections to the website to be slowed down or completely blocked.
“If you take thousands, or tens of thousands, or even more of these machines, and have them all send information to the victim’s website at once, it will overwhelm that server and that service,” Calvert said. .
He added that these attacks should be nothing to worry about and said crucial airport operations are harder to compromise than their public-facing websites.
“I wouldn’t want to give people the idea that, you know, the sky is falling on us. I mean, nothing has really changed in terms of internet security,” Calvert said.
Kentucky Interactive, LLC, is a contractor that operates the Capital Airport website and other state government web services. Carlos Luna, its chief executive, said in a brief statement on Wednesday that the airport’s website “has experienced no downtime.”
Just a few days ago, Killnet claimed responsibility for disrupt multiple US state government websites, including that of Kentucky. They took down web pages for the Kentucky Board of Elections and the Kentucky Department of Education, among others.
A Kentucky Interactive spokesperson said last week there was no evidence the attack affected data security.