Collins Aerospace Works to Restore Airline Software After Cyberattack

Collins Aerospace, a subsidiary of RTX, said on Wednesday it is working to restore its passenger processing software after a cyber intrusion disrupted airline operations across several European airports.

The company’s MUSE system—which supports passenger check-in, baggage handling, and boarding—was knocked offline on September 19 in what has been identified as a ransomware attack. The disruption caused widespread travel delays and cancellations.

British police confirmed on Wednesday that they had arrested a man in connection with the incident, though investigations remain ongoing.

Berlin airport, one of the affected hubs, said it was still struggling to fully restore its check-in and baggage systems and warned travelers to expect further delays and cancellations.

The Collins Aerospace hack is the latest in a string of cyberattacks in Europe that have triggered significant real-world consequences, underscoring the vulnerability of critical infrastructure to digital threats.

Jaguar Land Rover extends cyberattack shutdown to four weeks, costing £50m per week

Jaguar Land Rover (JLR), Britain’s largest carmaker, said it will keep its factories closed until October 1 following a cyberattack earlier this month that has paralyzed operations and rippled across the automotive supply chain. The shutdown, now stretching to four weeks, is costing the Tata Motors-owned luxury carmaker about £50 million ($68 million) per week, according to the BBC.

JLR runs three UK factories producing around 1,000 vehicles a day, including the popular Range Rover and Defender models. The outage has forced many of its 33,000 employees to stay home, while smaller suppliers are also struggling to cope with the disruption.

Adding to the fallout, industry sources told The Insurer that JLR was left without direct cyber insurance coverage, having failed to finalize a deal brokered by Lockton before the attack. The company has declined to comment on its insurance position or on who may be behind the breach.

Government ministers, including Peter Kyle and Chris McDonald, visited JLR on Tuesday to discuss recovery plans. McDonald said the government’s top priorities are “helping Jaguar Land Rover get back up and running as soon as possible and the long-term health of the supply chain.”

The shutdown underscores the UK’s broader vulnerability to ransomware and cyberattacks, which have recently hit major retailers like Marks & Spencer and Co-op, and even disrupted airport check-in systems across Europe. Official figures show more than 40% of UK businesses reported some form of cyber breach in the past year.

S&P Global’s latest survey shows JLR’s stoppage is already weighing on UK manufacturing output. With JLR’s supply chain supporting over 104,000 jobs, the Unite union has warned of potential layoffs and urged government support to protect workers and suppliers.

JLR said it is working on a phased restart plan, though the investigation into the attack continues. “We have made this decision to give clarity for the coming week,” the company said, stressing its focus on minimizing disruption to staff and partners.

Airport chaos underscores growing trend of high-profile ransomware attacks

A weekend ransomware attack that crippled airport check-in systems across Europe has drawn attention to a new trend in cybercrime: hackers are increasingly targeting high-profile companies and infrastructure for both larger payouts and reputational clout, cybersecurity experts said.

The European Union’s cybersecurity agency ENISA confirmed on Monday that the attack on Collins Aerospace, a unit of RTX, was ransomware-based. The hack has disrupted check-in and baggage systems since Friday, grounding flights and stranding thousands of passengers. The attackers’ identity remains unknown, with no ransomware group yet claiming responsibility on dark web leak sites.

Rafe Pilling, Director of Threat Intelligence at Sophos, noted that while most ransomware attacks remain financially motivated, a subset of operations is now engineered for maximum disruption: “They are becoming more visible and more ambitious.”

The strategy is not new but appears to be escalating. In April, the group Scattered Spider was linked to an attack on retailer Marks & Spencer that halted online orders for weeks. Britain’s National Crime Agency also charged two teenagers last week over a 2024 attack on Transport for London, tied to the same group. The FBI estimates Scattered Spider has been involved in around 120 network intrusions and netted $115 million in ransom payments.

Experts warn the trend poses greater systemic risks. Martyn Thomas, Emeritus Professor of IT at Gresham College, said software vulnerabilities and weak security practices continue to fuel the crisis: “If criminals were to decide to cause serious injury or many deaths, the same attack strategies could be used on critical systems in healthcare or major infrastructure.”

Another driver, analysts say, is reputation within cybercriminal networks. Pulling off high-impact breaches boosts a hacker’s credibility and standing among peers, creating a cycle of increasingly bold attacks.

The incident highlights the growing urgency for stronger software security and corporate defenses as ransomware groups become more emboldened, aiming not only for profit but also prestige.