Yazılar

UK Police Arrest Man Over Cyberattack That Disrupted European Airports

/in /tarafından

British police have arrested a man in connection with a ransomware attack on Collins Aerospace, a unit of RTX, that disrupted check-in systems at several European airports and caused widespread travel chaos.

The National Crime Agency (NCA) said the suspect, a man in his 40s, was detained on Tuesday on suspicion of violating the Computer Misuse Act. He has since been released on conditional bail.

“Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing,” said NCA Deputy Director Paul Foster.

Authorities have not yet identified which criminal group was behind the hack. Unlike many ransomware gangs that typically publicize their attacks and leak stolen data on dark web sites, monitoring groups said no organization has yet claimed responsibility for the Collins Aerospace breach.

Ransomware attacks involve malicious software that encrypts a company’s data, with criminals demanding payment to unlock it. Such groups usually try to avoid targets likely to draw heavy law enforcement attention.

The Collins Aerospace hack is the latest in a series of cyberattacks in Europe that have triggered serious offline disruptions. Jaguar Land Rover, Britain’s largest carmaker and owned by Tata Motors, announced this week it would extend factory shutdowns until October 1 after a separate hack left operations paralyzed.

Berlin airport, one of several affected by the Collins Aerospace incident, warned it could take several more days before secure and fully functional systems are restored.

British police have arrested a man in connection with a ransomware attack on Collins Aerospace, a unit of RTX, that disrupted check-in systems at several European airports and caused widespread travel chaos.

The National Crime Agency (NCA) said the suspect, a man in his 40s, was detained on Tuesday on suspicion of violating the Computer Misuse Act. He has since been released on conditional bail.

“Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing,” said NCA Deputy Director Paul Foster.

Authorities have not yet identified which criminal group was behind the hack. Unlike many ransomware gangs that typically publicize their attacks and leak stolen data on dark web sites, monitoring groups said no organization has yet claimed responsibility for the Collins Aerospace breach.

Ransomware attacks involve malicious software that encrypts a company’s data, with criminals demanding payment to unlock it. Such groups usually try to avoid targets likely to draw heavy law enforcement attention.

The Collins Aerospace hack is the latest in a series of cyberattacks in Europe that have triggered serious offline disruptions. Jaguar Land Rover, Britain’s largest carmaker and owned by Tata Motors, announced this week it would extend factory shutdowns until October 1 after a separate hack left operations paralyzed.

Berlin airport, one of several affected by the Collins Aerospace incident, warned it could take several more days before secure and fully functional systems are restored.

EU confirms ransomware attack caused major airport disruptions

/in /tarafından

The EU’s cybersecurity agency ENISA confirmed on Monday that a ransomware attack was behind the widespread disruptions to automated check-in systems at several of Europe’s largest airports, including London Heathrow, Brussels, and Berlin. The incident, which began on Friday, has delayed or cancelled dozens of flights and impacted thousands of passengers.

What happened

  • The attack targeted Collins Aerospace’s MUSE software, a key system used for passenger check-in and boarding. Collins Aerospace is owned by RTX.

  • ENISA said law enforcement is investigating but did not disclose the origin of the ransomware or who may be behind it.

  • Ransomware attacks work by encrypting critical data and demanding payment for access restoration.

Impact on airports

  • Heathrow: Airlines implemented contingency plans, with most flights still operating.

  • Brussels Airport: Still facing major disruptions, using iPads and laptops to check in passengers. On Monday, about 60 flights were cancelled, and less than half of flights departed on time.

  • Berlin Airport: With extra passenger traffic from the Berlin Marathon, delays exceeded an hour, and check-in remained manual, with handwritten boarding passes.

  • Dublin Airport: Reported only minimal impact.

Broader context

  • The attack is part of a surge in high-profile ransomware cases, targeting critical infrastructure and major corporations.

  • Recent victims include Jaguar Land Rover, which was forced to halt production earlier this month.

  • A German industry survey found 1 in 7 companies have paid ransoms to recover from attacks.

  • Experts note that while such high-impact disruptions are highly visible, they remain relatively rare compared to the overall number of cyber incidents.

Expert perspective

Rafe Pilling of Sophos noted that attackers are increasingly focusing on high-visibility victims for maximum leverage:

“Disruptive attacks are becoming more visible in Europe, but visibility doesn’t necessarily equal frequency. Truly large-scale, disruptive attacks that spill into the physical world remain the exception rather than the rule.”

Collins Aerospace said it is in the final stages of deploying updates to restore full functionality across affected airports.

European airports face continued disruption after cyberattack on check-in systems

/in /tarafından

Some of Europe’s busiest airports — including London’s Heathrow, Berlin Brandenburg, and Brussels Airport — are still grappling with flight delays and cancellations after hackers targeted check-in and boarding software provider Collins Aerospace, owned by RTX.

The attack, which began on Friday, disabled Collins’ MUSE software, forcing airports to fall back on manual check-in operations. While Heathrow and Berlin reported easing disruption by Sunday, Brussels Airport said delays and cancellations would continue into Monday.

Brussels Airport asked airlines to cancel half of Monday’s flights to avoid severe queues and last-minute disruptions. On Sunday, 50 of 257 scheduled departures were canceled, following 25 cancellations the previous day.

Collins said it was in the “final stages” of restoring systems with a secure updated version of its software. However, Brussels Airport noted it had not yet received this update.

Passengers without online check-in or carry-on-only travel faced the worst queues. One traveler in Brussels described the experience:

“For me, it was business as usual. For those poor souls who didn’t do online check-in or have bags to check, they may be waiting a bit.”

Cirium data showed disruption levels varied: Heathrow had “low” delays, Berlin “moderate,” and Brussels “significant.”

The cyberattack is part of a wider wave of hacks disrupting European industries. Recent incidents included Jaguar Land Rover’s halted production and Marks & Spencer’s financial losses running into hundreds of millions of pounds. Regulators have launched investigations into the source of the latest breach.