NewsCovering Colorado


Recent cyberattacks in Colorado could be linked to war in Ukraine

US officials: Russian 'digital fingerprints' all over election hacks
Posted at 9:51 AM, Oct 19, 2022
and last updated 2022-10-19 11:51:33-04

October has brought a slew of cyberattacks to Colorado, and it could be connected to the war in Ukraine.

This month the website was hacked and shutdown. Then, Denver International Airport spent a day fighting a cyberattack on its website, along with more than a dozen other airports across the country.

These attacks are different than what cybersecurity officials have seen in the past because there’s no ransom. So why do it?

“We're seeing more of the hacktivism to actually disrupt business and just be more of a general pain,” said Justin Whitehead, CEO of Digital Silence, a Colorado-based cybersecurity company.

A pro-Russia hacker group called Killnet took responsibility for the airport website hacks.

Killnet has been ramping up activity since the beginning of the Russian invasion of Ukraine, retaliating against Ukrainian allies.

“One of the things I would definitely say, you know, utility companies can be a very easy target — be hit in the same kind of attack, even though it was a denial of service attack. It's a good old fashioned attack,” Whitehead said.

Whitehead believes the hackers had a fundamental misunderstanding of Americans when targeting government and airport websites, which see more everyday use by the public in Europe but are not as essential in the United States.

What’s clear is these hacks are revealing our vulnerability. That’s why Weld County changed its website last week from a .com to a .gov for better security — something they said in the past was an expensive and complicated process.

“Everybody looks for the return on value, the ROI, the return on investment. It's hard to quantify until you've actually been attacked what that ROI is,” Whitehead said. “It's not a large sum of money, but some places can't afford it."

One reason we are hearing about more attacks is they are now required to be reported to the Cybersecurity and Infrastructure Security Agency to be investigated.