Killnet Strikes Again: US Airports Hit by Cyber Attacks, and Russia Is the Top Suspect
ABOVE: Gordon Lawson, the CEO of Conceal, a cybersecurity firm, appeared on Tuesday's edition of CBN News's Faith Nation to talk about how the United States and NATO can respond to these cyber attacks.
All signs point to Russia as the origin country for a coordinated hacking attack targeting the biggest U.S. airports.
White House National Security Council Coordinator John Kirby says it's "too soon to know" if the Russian government itself is behind the so-called "denial-of-service" attacks.
"We're investigating this and looking at this. Obviously, it's of concern," he said. "Certainly we're grateful that no airport operations were affected. No safety was put at risk but we're looking into this and we'll take that seriously."
Computer engineers and programmers are scrambling to protect airport websites after New York's LaGuardia Airport's website was targeted by hackers.
The attacks — in which hackers flood their targets with junk data — were orchestrated by a shadowy group that calls itself Killnet. On the eve of the attacks, the group published a target list on its Telegram channel.
The hackers targeted more than a dozen of America's busiest airports, including Atlanta, LAX, and Chicago's O'Hare.
"We noticed this morning that the external website was down, and our IT and security people are in the process of investigating," Andrew Gobeil, a spokesman for Atlanta's Hartsfield-Jackson International Airport, said on Monday evening. "There has been no impact on operations."
While highly visible and aimed at maximum psychological impact, denial-of-service attacks are mostly a noisy nuisance, different from the type of hacking that involves breaking into networks to inflict serious damage.
Gordon Lawson, the CEO of Conceal, a cybersecurity firm, is also a former U.S. Navy officer who served in the Middle East and Africa. During an interview with CBN News's Faith Nation on Tuesday, he was asked if Killnet has any official links to the Russian government.
"I think it's always difficult to tell how the official links are," he replied. "I think it's pretty well understood in the national security community that certainly there is past support for these criminal organizations conducting these cyber operations."
Lawson explained there are some things the U.S. and its NATO allies can do to respond to these cyber attacks.
"First off, we need to continue as a nation with our allies to put pressure on Russia. Their behavior in Ukraine is abhorrent," he said.
"But I think really the most important thing that the United States can do and our NATO allies can do is we need to strengthen our cyber defenses," Lawson noted. "We need to make sure that our critical infrastructure, as we are seeing with these airports, are really hardened from these types of attacks."
"Now the good thing is that the DDoS attack is really more of an annoyance than something that can cause catastrophic harm," he continued. "But at the same time, we have to continue to invest in the cyber defenses that will protect against these sorts of operations and make our infrastructure more resilient."
CBN News asked Lawson if a denial-of-service attack jamming airport websites with data could lead to a dangerous outcome.
"Absolutely," the cybersecurity firm CEO replied. "The web and browsers really are the internet. Connectivity is the new edge of cybersecurity. Almost every vulnerability can be traced to that and the vectors that affect those applications come through the internet."
"So yes, these things can always get worse," Lawson said. "I think also denial-of-service can often lead or be a foil for a ransomware attack. And we've seen a ransomware attack occur in the nation with one of the largest healthcare providers this week as well that's reported to have 20 million people's personal data being leaked."
He also noted that these cyber attacks "are only the first salvo, if you will, in cyber warfare."
"So we have to continue to make folks understand how significant the threat is," Lawson explained. "Continue to invest in cyber defenses and really do everything we can to make sure we know that this is a threat that's not going to stop."
Killnet has a history of attacking NATO allies since Russia's invasion of Ukraine began last February. The group has also claimed responsibility for taking down a U.S. congressional website this summer.
CBN News also asked Lawson how well-prepared the United States is to defend against such future cyber attacks.
"I think there's a spectrum here," he replied. "When you think about large banks, large organizations, Fortune 100, they have very large cyber budgets and they are investing to mitigate these threats. Smaller companies, I'll give you an example, the Los Angeles Unified School District was under a massive ransomware attack that it has still not recovered from, where thousands of children's personal data were leaked. This was just a couple of weeks back. They did not have the same level of budgets as a top-tier financial institution for example."
"There needs to be continued investment," he added. "There are strong solutions out there that add value and can give people that minimal level. But it's certainly a problem that's not going away anytime soon."
Last week, Killnet also claimed responsibility for denial-of-service attacks on state government websites in several states.
But John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, tweeted that denial-of-service attacks like those aimed at airports and state governments are usually short in duration and "typically superficial."
"These are not the serious impacts that have kept us awake," he said.
***Please sign up for CBN Newsletters and download the CBN News app to ensure you keep receiving the latest news from a distinctly Christian perspective.***
