Cyber Incident Victim: St. Louis Lambert International Airport
Date:
Oct 2022
Location:
United States of America
Summary
St. Louis Lambert International Airport experienced a website outage due to an apparent coordinated denial-of-service cyberattack, part of a broader incident affecting multiple major U.S. airports including those in Atlanta and Los Angeles. The attack temporarily disrupted access to the airport's website, prompting the establishment of a hotline for passenger information while flight operations remained unaffected. A pro-Russian hacker group called Killnet claimed responsibility for the incident, having previously published target lists on its Telegram channel. Key website functionalities, such as real-time parking lot occupancy checks, were unavailable during the disruption, though services were restored within hours. The incident mirrored similar cyber disruptions targeting other critical infrastructure entities during this period.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On October 10, 2022, St. Louis Lambert International Airport experienced an outage of its public-facing website due to an apparent cyberattack. The disruption began early Monday morning and persisted until approximately 3 p.m., when airport officials successfully restored normal functionality. Roger Lotz, an airport spokesman, confirmed the incident did not impact airport operations, with flights continuing normally throughout the event. During the outage, critical passenger services typically accessible via the website—such as flight arrival and departure information—remained available through alternative channels, including direct access to airline websites. The airport established a dedicated hotline to assist travelers seeking information usually provided online. The primary service affected was the real-time parking lot capacity monitoring tool, which became temporarily unavailable. Lambert officials maintained communication with passengers throughout the incident, emphasizing that physical airport systems controlling security, baggage handling, and air traffic operations remained unaffected.
The incident formed part of a broader coordinated denial-of-service campaign targeting multiple major U.S. airports that same day, as reported by the Associated Press. Other affected facilities included Atlanta’s Hartsfield-Jackson International Airport and sections of Los Angeles International Airport’s online presence, though flight operations at all locations remained unimpaired. The pro-Russian hacker collective Killnet claimed responsibility for the attacks, having previously published a target list on its Telegram channel that included Chicago’s O’Hare International Airport, whose website also experienced significant slowdowns. This campaign followed a separate series of cyberattacks against state government websites across the United States the preceding week, which the same hacker group allegedly orchestrated. Federal authorities and airport cybersecurity teams monitored the situation as multiple aviation entities implemented defensive measures to restore and maintain critical digital services while investigating the extent of the disruptions.