KillNet is an openly pro-Russia “hacktivist” group thought to have formed shortly after Russia’s invasion of Ukraine. On Monday morning, the group posted a list of US airport websites to its Telegram channel, using the header “Your way out hackers, the list below is for you!” Just a few hours later, KillNet posted a screenshot from The Hunger Games movie franchise with the text “Let the Hunger Games begin in USA 2022.”
As with any DDoS attack, the group appears to have been using its own software to flood airports’ websites with artificial traffic, resulting in temporary incapacitation. Target websites are unavailable for extended periods of time, intermittently unavailable, or extremely slow to load. Some that have recovered from the attack (like ATL) now have firewalls inspecting individual requests before allowing users to access the domain.
While in-person airport operations have reportedly remained stable, the incapacitated websites likely made it difficult for travelers and their families to look up flight information, use online maps to navigate affected airports, or sort out their transportation plans. Some airport websites also help travelers book flights and obtain parking passes, meaning the attacks were not without economic impact.
KillNet, like most hacktivist groups, is not knowingly associated with any Russian government entity. That said, these DDoS attacks are believed to be the group’s latest attempt to “punish” the US for providing Ukraine with weapons and intelligence over the last several months. A few days ago KillNet attacked several US government websites, including Colorado’s state web portal, Mississippi’s state website, and Kentucky’s Board of Elections website, using similar measures. None of the attacks resulted in lasting damage, and all three sites are working normally at the time of writing.