DIA continues to fight off hackers as cyberattacks knock U.S. airport websites offline

DIA has been unaffected and websites for some major U.S. airports are recovering. Officials say flights have not been affected.
3 min. read
“Relax” by Electroland in the quiet annex of Denver International Airport’s A concourse. Nov. 17, 2021.
Kevin J. Beaty/Denverite

Cyberattacks against Denver International Airport began at 11 a.m. Monday morning and have continued throughout the day. But, according to DIA officials, they have not been successful so far.

"Similar to many other U.S. airports, DEN's website has been targeted," said airport PIO Stephanie Figueroa in an email.

"The attackers are attempting to overwhelm our website so that it becomes unavailable to the public."

The apparently coordinated denial-of-service attack organized by pro-Russia hackers rendered the websites of some major U.S. airports unreachable early Monday, though officials said flights were not affected.

The denial-of-service attacks -- in which participants flood targets with junk data -- were orchestrated by a shadowy group that calls itself Killnet. On the eve of the attacks, the group published a target list on its Telegram channel.

The same group claimed to be behind an attack on the state's Colorado.gov website last week.

"At this time, the attacks have not been impactful," Figueroa said. "Though we are closely monitoring these attacks and any others."

Figueroa said DIA is sharing information with Transportation Security Administration, Cybersecurity and Infrastructure Security Agency, and other airports. Meanwhile, state officials have warned that cyberattacks may become more common for utilities, municipal services and governments.

"We are all driven by technology," Colorado's Chief Information Security Officer Ray Yepes said last week after cyber attacks affected local governments earlier this year. "The water system can be affected by cyberattacks, transit can be affected by cyberattacks. Anything that we do nowadays in our life depends on technology."

While highly visible and aimed at maximum psychological impact, DDoS attacks are mostly a noisy nuisance.

These attacks are different from hacking that involves breaking into networks and can do serious damage.

"We noticed this morning that the external website was down, and our IT and security people are in the process of investigating," said Andrew Gobeil, a spokesman for Atlanta's Hartsfield-Jackson International Airport. "There has been no impact on operations."

Portions of the public-facing side of the Los Angeles International Airport website were also disrupted, spokeswoman Victoria Spilabotte said. "No internal airport systems were compromised and there were no operational disruptions."

Spilabotte said the airport notified the FBI and the TSA, and the airport's information-technology team was working to restore all services and investigate the cause.

Several other airports that were included on Killnet's target list reported problems with their websites.

The Chicago Department of Aviation said in a statement that websites for O'Hare International and Midway airports went offline early Monday but that no airport operations were affected.

Last week, the same group of hackers claimed responsibility for denial-of-service attacks on state government websites in several states.

John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, tweeted that denial-of-service attacks like those aimed at the airports and state governments are usually short in duration and "typically superficial."

"These are not the serious impacts that have kept us awake," he said.

Such attacks instead tend to reveal insufficient attention by webmasters to adequate bulletproofing of sites, which now includes DDoS protection service.

Recent Stories