American cybersecurity stocks, including Crowdstrike Holdings Inc CRWD, Zscaler Inc ZS, Fortinet Inc FTNT, and Palo Alto Networks Inc PANW are down on Monday on the news that cyberattacks originating from within the Russian Federation have targeted some of the largest airports in the U.S.
What happened: “Killnet,” a pro-Russian hacker group, is believed to be behind the attacks that affected the websites of Des Moines International Airport, Los Angeles International Airport, and Chicago O’Hare International Airport, among others, according to an ABC News source.
Important to note — the targeted attacks do not impact air traffic control, internal airline communications and coordination, or transportation security.
According to John Hultquist, head of intelligence analysis at cybersecurity firm Mandian, there is no proof that the Russian government was behind the attack, despite organizations similar to Killnet being exposed as fronts for state-backed hackers.
Read also: Does Defeat Mean Death For Putin? As Ukraine Continues To ‘Slay The Giant’ With Palantir Software, CEO Alex Karp Says The Threat Of Nuclear War Is Real
“It’s an inconvenience,” the source said. The attacks have resulted in targeted denial of public access to web domains that report airport wait times and congestion — essentially, the websites for major international airports are down.
Why it matters: The denial of service attack affected more than a dozen airport websites, according to Hultquist. Sites are essentially overloaded by this kind of attack by flooding them with fake users.
The attacks were initially made public, according to ABC, at roughly 3:00 a.m. ET, when the Port Authority informed the Cybersecurity and Infrastructure Security Agency that the LaGuardia Airport system had been attacked.
Killnet, the group thought to be responsible for the attack, has been active since the start of the war in Ukraine, targeting Ukrainian allies and recently claiming responsibility for bringing down state government websites in the U.S.
The organization operates internationally and has been known to carry out attacks across Europe, according to cybersecurity experts.
Read the original article