Before making speculative leaps into a quagmire of anxiety and fear, realize that the airport system attacks are likely the best efforts that the cyber attackers could muster. If they could have penetrated air traffic control or the Transportation Security Administration, they likely would have. Such attacks would have been far more disruptive and impacted many more people. What was attacked was nothing more than outwardly focused websites that have no direct influence on airport operations or security.
These peripheral website attacks achieved little more than inconvenience to anyone attempting to use the site to gain flight or airport information. Their most damaging aspect was the perception that they created.
The cyber space is the new military battleground. Battles are being waged every day, whether they are phishing attacks to gain personal or financial information from unsuspecting users, or ransomware attacks on organizations for financial gain.
The cybersecurity industry has grown into a multibillion-dollar industry. As more bad actors attempt to infiltrate cyber systems, cyber protections continue to evolve, attempting to stay one step ahead of the perpetrators.
The recent airport website cyberattacks illustrate several possible scenarios.
One possibility is that this is the best that the cyber criminals were able to achieve, and hope to observe the reactions and responses. If that is the case, then the cyber protections in place are amply hardened to neutralize such bad actors.
Another possibility is that this attack represents a diversion for something more egregious that is in the works. This should keep all critical infrastructure systems in a constant state of vigilance for the foreseeable future.
Any time a cyberattack is made, the cyber terrorists reveal something of themselves. There are no free lunches with such events. Whether it be their identity, their sources, or their strategy, cybersecurity intelligence has gathered significant information that will invariably lead to better protection in the future.
The good news about the recent attack is how feeble it was, and the information it revealed about the perpetrators.
What will come next is anyone’s guess. Most importantly, remaining vigilant, communicating clearly and quickly if another attack occurs, and responding appropriately, will all ensure that everyone remains safe. This is sound advice under any set of circumstances.
Sheldon H. Jacobson, Ph.D., is founder professor of computer science at the University of Illinois.
More on cyberattack against Hartsfield-Jackson airport
The Atlanta Journal-Constitution’s Kelly Yamanouchi reported Monday that our airport was affected by the cyberattack. She wrote:
Hartsfield-Jackson International Airport’s website was temporarily down and displayed an error message for a period on Monday morning, amid reports of a hacking group targeting airport websites around the country.
The outage did not affect airport operations, according to an airport spokesman. Some travelers use Hartsfield-Jackson’s website for information on airport parking lots and concessions, along with links to security wait times and other resources.
The U.S. Cybersecurity & Infrastructure Security Agency issued an alert earlier this year saying Russia’s invasion of Ukraine could expose organizations to increased malicious cyberactivity. It said Killnet, a pro-Russian hacking group, claimed credit for carrying out a cyberattack against a U.S. airport in March 2022 in response to U.S. support for Ukraine.
Hartsfield-Jackson said it is investigating the cause.