A cyber attack launched by pro-Russian hackers on Europe’s air-traffic control agency has paralyzed air traffic employee operations.
On April 20, some 2,000 employees of the European Organization for the Safety of Air Navigation (EOSAN) could not use internal and external communication channels due to the attack, according to the Wall Street Journal. The employees had to resort to using commercial channels.
Though the hackers did not gain access to the the agency’s air-traffic control IT systems, they penetrated its website and caused it to malfunction. “The attack is causing interruptions to the website and web availability,” a statement on the agency’s website reads.
A heavy cyber scuffle
EOSAN, also called Eurocontrol, was forced to inform travelers to use other platforms and avoid its online system when filing flight plans as connectivity problems persisted. “It’s been a heavy cyber battle and while operations are entirely safe, doing other things has been difficult,” a Eurocontrol spokesperson told the Journal.
On April 19, a post on the app Telegram by pro-Russian hacking group KillNet called for black hat hackers to offer support for a marathon distributed denial-of-service (DDoS) attack on Eurocontrol meant to last for “100 hours.” A DDoS attack typically makes services unavailable to users by exploiting a software or hardware vulnerability or by saturating a network’s bandwidth.
The hackers said in the post that they wanted to suppress Eurocontrol’s activities as it was linked to North Atlantic Treaty Organization (NATO), which supports Ukraine in the war against Russia. Killnet threatened to “cause great discomfort to all airline companies in Europe.”
KillNet has a history of DDoS attacks
Last October, KillNet claimed responsibility for a DDoS on US airlines that crippled online services at major airports, leaving travelers stranded.
KillNet has carried out numerous cyber attacks in Europe since the war in Ukraine began, affecting more than 30 airports in total.
According to a February Thales’s Cyber Threat Intelligence report, there were almost as many war-related cyber attack incidents in EU countries as there were in Ukraine (85 versus 86) in 2022.
But most of the attacks—80.9%—have been directed towards the EU in the first quarter of this year. The survey says that 75% of all attacks against companies and governments are DDoS.
“In the third quarter of 2022, Europe was dragged into a high-intensity hybrid cyber-war at a turning point in the conflict, with a massive wave of DDoS attacks,” Pierre-Yves Jolivet, VP of cyber solutions at Thales says in the report. “Cyber is now a crucial weapon in the arsenal of new instruments of war.”
Surveys show that of the $3 trillion generated by the global digital economy, 20% of it, or $400 billion, is lost to cybercrime (pdf).