EU confirms ransomware attack caused major airport disruptions

The EU’s cybersecurity agency ENISA confirmed on Monday that a ransomware attack was behind the widespread disruptions to automated check-in systems at several of Europe’s largest airports, including London Heathrow, Brussels, and Berlin. The incident, which began on Friday, has delayed or cancelled dozens of flights and impacted thousands of passengers.

What happened

  • The attack targeted Collins Aerospace’s MUSE software, a key system used for passenger check-in and boarding. Collins Aerospace is owned by RTX.

  • ENISA said law enforcement is investigating but did not disclose the origin of the ransomware or who may be behind it.

  • Ransomware attacks work by encrypting critical data and demanding payment to restore access.

Impact on airports

  • Heathrow: Airlines implemented contingency plans, with most flights still operating.

  • Brussels Airport: Still facing major disruptions, using iPads and laptops to check in passengers. On Monday, about 60 flights were cancelled, and fewer than half of flights departed on time.

  • Berlin Airport: With extra passenger traffic from the Berlin Marathon, delays exceeded an hour, and check-in remained manual, with handwritten boarding passes.

  • Dublin Airport: Reported only minimal impact.

Broader context

  • The attack is part of a surge in high-profile ransomware cases, targeting critical infrastructure and major corporations.

  • Recent victims include Jaguar Land Rover, which was forced to halt production earlier this month.

  • A German industry survey found 1 in 7 companies have paid ransoms to recover from attacks.

  • Experts note that while such high-impact disruptions are highly visible, they remain relatively rare compared to the overall number of cyber incidents.

Expert perspective

Rafe Pilling of Sophos noted that attackers are increasingly focusing on high-visibility victims for maximum leverage:

“Disruptive attacks are becoming more visible in Europe, but visibility doesn’t necessarily equal frequency. Truly large-scale, disruptive attacks that spill into the physical world remain the exception rather than the rule.”

Collins Aerospace said it is in the final stages of deploying updates to restore full functionality across affected airports.