© 2022 Louisville Public Media

Public Files:
89.3 WFPL · 90.5 WUOL-FM · 91.9 WFPK

For assistance accessing our public files, please contact info@lpm.org or call 502-814-6500
89.3 WFPL News | 90.5 WUOL Classical 91.9 WFPK Music | KyCIR Investigations
Play Live Radio
Next Up:
0:00
0:00
Available On Air Stations

2 Kentucky airport websites disrupted after threat by pro-Russian hackers

Louisville Airport
Ken Lund/Creative Commons
/
Louisville Muhammad Ali International Airport was one of two Kentucky airports targeted by pro-Russian hackers on Monday.

Pro-Russian hackers who targeted Kentucky government websites last week appear to have affected U.S. airport websites in and outside the Commonwealth.

At least five American airports reported temporary website outages occurring Monday. Louisville Muhammad Ali International Airport and CVG Airport near Cincinnati were among those impacted.

The website issues came after the Russian hacker group Killnet posted an online message with dozens of U.S. airport website URLs, encouraging hackers to target them.

The list included the websites for Muhammad Ali International, CVG and the state-owned Capital City Airport in Frankfort.

Muhammad Ali International is overseen by the Louisville Regional Airport Authority. Natalie Chaudoin, the authority’s director of public relations, said in a statement on Tuesday that website issues began at around 1:45 p.m. Monday and ended in the late afternoon.

“There were no impacts to airport operations or the internal network for the Louisville Regional Airport Authority during this time,” Chaudoin said.

While she acknowledged the timing of the outage coincided with those of other U.S. airports, she said there was “no confirmed source of the issues.”

However, Mindy Kershner, CVG’s senior manager of communications, directly attributed her airport’s website disruptions to part of a larger-scale attack.

“CVG Airport’s website was intermittently impacted [Monday] due to the DDoS attacks. No other airport systems were compromised,” said Kershner in a statement.

According to Ken Calvert, a University of Kentucky professor who teaches network security, distributed denial of service, or DDoS, attacks work by hacking people’s computers. Hackers install software on them to send large amounts of information to the website they’re targeting. That can result in slowing down or blocking connections to the website entirely.

“If you take thousands, or tens of thousands or even more of these machines, and you get them all to send information to the victim website at the same time, it will overwhelm that server and that service,” Calvert said.

He added that these attacks shouldn’t cause concern, and said that crucial airport operations are more difficult to compromise than their public-facing websites.

“I wouldn’t want to give people the idea that, you know, the sky is falling. I mean, nothing's really changed in terms of the security of the internet,” Calvert said.

Kentucky Interactive, LLC, is a contractor that manages the Capital City Airport website and other state government web services. Carlos Luna, its general manager, said in a brief statement Wednesday that the airport website “has not experienced any downtime.”

Just days ago, Killnet claimed responsibility for disrupting several American state government websites, including Kentucky’s. They knocked out web pages for the Kentucky Board of Elections and the Kentucky Department of Education, among others.

A Kentucky Interactive spokesperson said last week there was no evidence the attack affected data security.

Jacob is LPM's Business and Development Reporter. Email Jacob at jmunoz@lpm.org.