Previous
Learn how PurpleSec’s experts can protect your business against the latest cyber attacks.
Author: Dalibor Gašić / Last Updated: 10/27/2022
Reviewed By: Michael Swanagan, CISSP, CISA, CISM
View Our: Editorial Process
Table Of Contents
In October 2022, a pro-Russian hacker group, Killnet, claimed responsibility for hacking several US airport websites.
As we know, the situation between Ukraine and Russia is not getting any better, and more and more countries are becoming involved in the overall situation.
As a result, cyber attacks are now a common occurrence between countries.
Although this was widely reported in our cyber circles, it was just another DDoS attack on US airport websites by the notorious “Killnet” hacking group.
The TSA (Transport Security Administration) issued a statement emphasizing that the cyber attack did not disrupt airport operations and that, while hackers were able to take the websites offline, they did not gain access to airport systems.
Airports in Alabama, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, and Missouri responded to the group’s call to action.
Killnet is a pro-Russia hacker group known for conducting DoS (denial of service) and DDoS (distributed denial of service) attacks on government institutions and private companies in several countries during the Russian invasion of Ukraine in 2022.
The group is thought to have formed around March 2022.
Killnet is not the same as Russia’s highly skilled hackers working for its intelligence agencies’ groups like Fancy Bear and Sandworm, which have gained notoriety through hacks of US government systems.
Democratic National Committee and the release of the devastating ransomware NotPetya, respectively.
Killnet, on the other hand, resembles an enraged, nationalist online mob armed with low-level cyber-offensive tools and tactics. Its main achievement is in establishing a narrative about the war.
This group is also popular on the Telegram network, where they have about 90k subscribers on their channel “WE ARE KILLNET.”
There are memes that criticize Ukraine and the West in general, but they also post targets for their subscribers to attack – where we can also see a list of US airport websites that they targeted.
Killnet is the polar opposite of the “IT Army of Ukraine,” which is a Telegram channel set up to direct people to attack Russian websites, though they have more than double the subscribers (200k) and a focus on DDoSing rather than memes.
Killnet has targeted a wide range of countries, including:
The goal of each attack is to side with Ukraine and engage in anti-Russian activities.
One of the more interesting attacks was on Lithuania’s largest gas and energy supplier in July of this year, called the “biggest cyber-attack in a decade“.
In retaliation for Lithuania’s embargo on sanctioned Russian goods, the hacker group had previously carried out DDoS attacks against Lithuanian military, government, private, and public internet services and websites.
How PurpleSec Helps To Secure Your Organization
Our vulnerability management services and penetration testing services provide a holistic approach to securing what’s most important to you.
Based on some research through well-known networks and people who deal with hacking groups, we concluded that Killnet only wanted media attention in this attack, given that there was no serious impact other than the temporary destruction of US airport websites.
Many hacktivist groups act in this manner to express dissatisfaction and to inform the community that they are active.
From our side, you can consult with any of our cyber security experts who will help you defend against DDoS attacks and how to preemptively set up the infrastructure so that there are no unwanted consequences.
Related Articles:
Dalibor is a Senior Security Engineer with experience in penetration testing having recently served over 8 years in the Ministry of Internal Affairs in the Department of Cyber Security in Serbia.
Recent Attacks
Popular Articles