Pro-Russian Hackers Target European Air Traffic Control

Europe’s air-traffic agency appears to be the latest target in pro-Russian miscreants’ attempts to disrupt air travel.

Eurocontrol confirmed on Friday its website has been “under attack” since April 19, and said “pro-Russian hackers” had claimed responsibility for the disruption.

“The attack is causing interruptions to the website and web availability,” a spokesperson told The Register. “There has been no impact on European aviation.”

Eurocontrol coordinates commercial traffic between 41 states, including the EU and their national air-traffic control entities. The outage reportedly jammed the agency’s communication systems and forced some smaller airlines to use older technology to manage flight schedules, including a fax-era backup system.

The Eurocontrol spokesperson declined to answer The Register‘s specific questions about the incident, including which systems had been affected, when the organization expected to be fully back online, and whether Killnet was the responsible for the apparent distributed-denial-of-service (DDoS) attacks, as the pro-Kremlin crew claimed on its Russian-language Telegram channel. 

“From today, a Eurocontrol marathon is being held, lasting 100 hours,” the post said.

The Wall Street Journal first reported the Eurocontrol website woes, citing a “senior official familiar with the situation,” who said that air-traffic safety wasn’t at risk. However, the agency’s internal and external communication was affected, and this reportedly forced the organization’s 2,000 employees to use other commercial communication tools.

“It’s been a heavy cyber battle and while operations are entirely safe, doing other things has been difficult,” the official told the Wall Street Journal.

Last October, Killnet claimed responsibility for knocking more than a dozen US airports’ websites offline in a large-scale DDoS attack. And more recently in February, the miscreants downed German airport websites in a similar fashion.

These types of takedowns don’t require much technical know-how, and there’s a range of open-source DDoS tools that hacktivists can use to flood target organizations’ networks with junk traffic. Both of these things make DDoS attacks relatively easy — and, thus, attractive — for miscreants looking to pull off publicity stunts, but they’re seldom more than “nuisance-level” with the right security setup.

The “relatively-unsophisticated” hacktivist crew, which sprang up as a pro-Russia DDoS gang during the Ukraine war, has been urging its affiliates to launch similar network-traffic flooding events against US and European critical infrastructure websites as the West increases its support for Ukraine.

Most recently this included a DDoS attack that shut down nine Danish hospitals’ websites for a few hours in February, but did not have any life-threatening impact on the medical centers’ operations or digital infrastructure.

A month earlier, Anonymous Sudan took credit for a traffic tsunami against the websites of the German foreign intelligence service and the Cabinet of Germany, in support of Killnet and in response to the country’s plan to send tanks to Ukraine. ®

READ MORE HERE