Eurocontrol, the European air traffic control agency, has revealed that it has been under cyber attack for the last week, and says that pro-Russian hackers have claimed responsibility for the disruption.
When you first see the headline in the likes of the Wall Street Journal, it's a scary thing to read.
But dig a little deeper, and you realise that the err.. sky is not falling.
Because what is actually happening is that Eurocontrol's public website is what has suffered a distributed denial-of-service (DDoS) attack.
The attack appears to have begun on April 19, when the pro-Kremlin hacking collective known as Killnet said on a Telegram that they were launching a "Eurocontrol marathon... lasting 100 hours."
Yes, that's a nuisance to anyone who might have a need to visit Eurocontrol's website to - I don't know - read press releases about what Eurocontrol has been up to. But it's very different from, say, actually managing to have an impact on anyone trying to fly on a plane in Europe.
According to the International Air Transport Association, air traffic has been operating normally. Yes, access to Eurocontrol's website has been affected, but the air traffic control authority says "there has been no impact on European aviation."
Yes, it's undoubtedly a nuisance for some if Eurocontrol's website is knocked offline by a DDoS attack, or becomes difficult to access, but the website itself is not used for critical operations that could impact flight safety but is rather a way of sharing public information.
Embarrassing for Eurocontrol? Perhaps. Inconvenient? Yes. According to the report in the Wall Street Journal, Eurocontrol's approximately 2000 employees were advised to use alternative methods for internal and external communication during the disruption.
But something to lose sleep over if you're flying on a plane this afternoon? Definitely not.
On Telegram, Killnet hackers said Eurocontrol had been targeted due to its links to NATO, and its support for Ukraine.
Pro-Russian activists have been using Telegram in an attempt to rally hackers into attacking Ukraine and its allies, and as the BBC reports, some may have links to the Russian military.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsNovember 14, 2024
September 06, 2024