The Hawaii Office of Homeland Security and the Office of Enterprise Technology Services are responding to a hacking incident on the websites of Hawaii airports that is “possibly linked to similar incidents across the country” carried out by the Russia-based hacker group Killnet, officials said Tuesday.
State officials said the attack in Hawaii was focused on systems hosting the landing page for 15 Hawaii airport websites, including Daniel K. Inouye International Airport in Honolulu.
“The State of Hawaii, in cooperation with federal partners, routinely works to prepare for and respond to cybersecurity-related incidents,” Gov. David Ige said in the news release. “This attack was focused only on the public-facing website for the airports and had no impact on internal systems, operations, or traveler safety.”
Killnet claimed responsibility for a number of cyberattacks on U.S. airport websites Monday.
The group posted a list of airports on the messaging app Telegram and urged hackers to participate in what’s known as a distributed denial-of-service — or DDoS — attack. A DDoS attack floods a network with simultaneous data transmissions.
In addition to Hawaii, the group’s call to action included airports in Alabama, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maryland, Massachusetts, Michigan, Minnesota, Mississippi and Missouri.
It was not immediately clear how many were actually targeted and which attacks were successful.
Last week, Killnet claimed responsibility for DDoS attacks on state government websites in several states.
“We are in close contact with our federal partners at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, and the Federal Bureau of Investigation regarding the situation,” OHS Administrator Frank Pace said in the news release.
“Events such as this highlight the importance of all organizations, public and private, remaining vigilant of cyber threats and implementing recommended security measures,” Pace said.
A spokesperson for OHS referred questions about how the hacks affected Hawaii websites to Hawaii Enterprise Technology Services, but ETS officials did not respond to the Honolulu Star-Advertiser’s request for comment.
DDoS attacks tend to be more of a nuisance compared to ransomware and other kinds of cyberattacks that can cripple networks and even shut down key infrastructure.
In April, DHS reported that its agents foiled an attempted cyberattack targeting an underwater cable linking Hawaii’s telephone, internet, cable and cellphone service.
According to the agency, it identified an “international hacking group” as the culprit of that hack and, working with international law enforcement, arrested a suspect in another country. DHS did not identify the hacking group, the suspect, or the country where the arrest took place.
Killnet, one of many international groups, is believed to have been established not long after Russia launched its military offensive in western Ukraine in late February, which marked major escalation of the war that began in 2014 when Russian troops marched into Ukraine and took over much of the country’s eastern regions.
The group was named in a joint alert in May by the cybersecurity agencies of the Five Eyes — an intelligence-sharing alliance of the U.S., Australia, Canada, New Zealand and the United Kingdom. The alert warned that the Russian government might be preparing cyberattacks in response to sanctions imposed on Russia in response to its latest campaign in Ukraine and that “some cybercrime groups have recently publicly pledged support for the Russian government.”
As Russia has suffered increasing setbacks on the battlefield, losing territory to Ukrainian forces and struggling to supply its forces on the ground, the cyberwar has ramped up.
Beyond the U.S., Killnet has claimed responsibility for or been linked to cyberattacks in Romania, Moldova, the Czech Republic, Lithuania, Latvia, Norway, Japan and most publicly, in Italy. During broadcasts of the 2022 Eurovision Song Contest hosted this May in Italy, hackers attempted to block the Eurovision website during Ukrainian performances and attacked sev- eral Italian government websites.