What’s In a Denial-of-Service Attack? This Week’s ‘Cyber Vandalism’ at US Airports Could Signal the Next Step In Russia’s War
Image by oOhyperblaster/ Shutterstock

What’s In a Denial-of-Service Attack? This Week’s ‘Cyber Vandalism’ at US Airports Could Signal the Next Step In Russia’s War

Monday's attacks on U.S. airports, including Los Angeles International Airport (LAX), were—on the surface—a nuisance, but experts say they could signal trouble ahead.

Russian cybercrime gang Killnet claimed the attacks on more than a dozen American airport websites, including Hartsfield-Jackson Atlanta International Airport (ATL), and Chicago O'Hare International Airport (ORD) along with LAX. The group listed its targets on its Telegram channel. For a time, the Distributed Denial-of-Service (DDoS) attacks—in which websites are flooded with “junk” traffic, overwhelming servers—either slowed or took the airports’ public sites offline completely, according to the Los Angeles Times.


Still, Infosecurity Magazine reported that the attacks had “no direct impact on airport operations.”

An attack like this wasn’t exactly unexpected. Multiple federal agencies authored an April 2022 cybersecurity advisory warning that the February Russian invasion of Ukraine might “expose organizations both within and beyond the region to increased malicious cyber activity.” It mentioned DDoS attacks and named multiple known cybercrime gangs, including colorfully named groups such as Salty Spider, Fancy Bear, and Killnet, which took down Connecticut’s Bradley International Airport in March.

Infosecurity Magazine’s story also noted that early press coverage about the April advisory was criticized for raising alarms about what some security experts wrote off as essentially “kids” making digital mischief.

But denial-of-service attacks aren’t simply cyber vandalism, said Bryan Hornung, CEO and founder of Philadelphia-based Xact IT Solutions.

“We usually see three types of DDoS attacks,” he said, “One, where they create a nuisance to let you know what they are capable of. Two, where they use DDoS to mask a more severe type of attack. Three, where they hold the network traffic hostage and demand a ransom to stop the DDoS attack.”

“In these cases,” Hornung continued, “there are plenty of other ways to stop the attack, so cyber criminals do not typically succeed with extortion regarding DDoS.”

Cybersecurity firm Tanium’s Director of Security Research Melissa Bischoping agreed that the attacks should be taken seriously. “The concept of a denial of service may seem inconvenient and annoying,” she told dot.LA, “but DDoS attacks can be used to take critical systems—or revenue-generating systems—offline, impacting your organization’s bottom line.”

Bischoping and Hornung agreed that these types of attacks could be used for pure disruption and nothing more. Still, Hornung said that often “we see DDoS attacks happening to divert the attention of technical people, so a different, more severe attack can be deployed.”

“How they are used depends on the attacker’s skill level, motivation, and the level of access they have obtained in the environment,” said Bischoping.

Any time there’s a chance for “increased economic disruption, social unrest and political uncertainty, cyber attacks also tend to increase,” Bischoping added.

“This can be due to ‘hacktivism,’” she continued, “nation-state efforts, or criminal activity for economic gain.” In addition, she said we should expect “all future military conflicts to have some cyber element to them, including the current ones.” For that reason, she said, it’s crucial to remain vigilant.

Asked if Russian losses in Ukraine will likely lead to more cyber attacks, Hornung replied, “The cyber war will intensify regardless of what happens in Ukraine.”

He also wasn’t ready to dismiss DDoSing as the work of independent groups acting alone.

“No cyber criminal activity in Russia happens without approval from Moscow,” Hornung said.

LA Tech Updates: TikTok pays Creators as Rivals Dig In, Amazon Reportedly Eyes Sears, J.C. Penny Stores
Photo by Bryan Angelo on Unsplash

Here are the latest updates on news affecting Los Angeles' startup and tech communities. Sign up for our newsletter and follow dot.LA on Twitter for more.

Today:

Read moreShow less
Taylor Soper, GeekWire
Taylor Soper is GeekWire's managing editor, responsible for coordinating the newsroom, planning coverage, and editing stories. A native of Portland, Ore., and graduate of the University of Washington, he was previously a GeekWire staff reporter, covering beats including startups and sports technology. Follow him @taylor_soper and email taylor@geekwire.com.
At UCLA, Robots Are Delivering Groceries, Pizza and Coffee

Students at the University of California, Los Angeles can now have pizza, coffee and groceries ferried to their dorms via six-wheeled autonomous robots.

Starship Technologies, a San Francisco-based robotic food delivery service launched in 2014 by two Skype co-founders, announced Wednesday it is adding the leafy Westwood campus to its roster of delivery locations after raising an additional $17 million in funding. The company started operating at the University of California, Irvine, last year.

Read moreShow less
Ben Bergman

Ben Bergman is the newsroom's senior finance reporter. Previously he was a senior business reporter and host at KPCC, a senior producer at Gimlet Media, a producer at NPR's Morning Edition, and produced two investigative documentaries for KCET. He has been a frequent on-air contributor to business coverage on NPR and Marketplace and has written for The New York Times and Columbia Journalism Review. Ben was a 2017-2018 Knight-Bagehot Fellow in Economic and Business Journalism at Columbia Business School. In his free time, he enjoys skiing, playing poker, and cheering on The Seattle Seahawks.

https://twitter.com/thebenbergman
ben@dot.la
RELATEDTRENDING
LA TECH JOBS
interchangeLA