Yazılar

Collins Aerospace Works to Restore Airline Software After Cyberattack

/in /tarafından

Collins Aerospace, a subsidiary of RTX, said on Wednesday it is working to restore its passenger processing software after a cyber intrusion disrupted airline operations across several European airports.

The company’s MUSE system—which supports passenger check-in, baggage handling, and boarding—was knocked offline on September 19 in what has been identified as a ransomware attack. The disruption caused widespread travel delays and cancellations.

British police confirmed on Wednesday that they had arrested a man in connection with the incident, though investigations remain ongoing.

Berlin airport, one of the affected hubs, said it was still struggling to fully restore its check-in and baggage systems and warned travelers to expect further delays and cancellations.

The Collins Aerospace hack is the latest in a string of cyberattacks in Europe that have triggered significant real-world consequences, underscoring the vulnerability of critical infrastructure to digital threats.

UK Police Arrest Man Over Cyberattack That Disrupted European Airports

/in /tarafından

British police have arrested a man in connection with a ransomware attack on Collins Aerospace, a unit of RTX, that disrupted check-in systems at several European airports and caused widespread travel chaos.

The National Crime Agency (NCA) said the suspect, a man in his 40s, was detained on Tuesday on suspicion of violating the Computer Misuse Act. He has since been released on conditional bail.

“Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing,” said NCA Deputy Director Paul Foster.

Authorities have not yet identified which criminal group was behind the hack. Unlike many ransomware gangs that typically publicize their attacks and leak stolen data on dark web sites, monitoring groups said no organization has yet claimed responsibility for the Collins Aerospace breach.

Ransomware attacks involve malicious software that encrypts a company’s data, with criminals demanding payment to unlock it. Such groups usually try to avoid targets likely to draw heavy law enforcement attention.

The Collins Aerospace hack is the latest in a series of cyberattacks in Europe that have triggered serious offline disruptions. Jaguar Land Rover, Britain’s largest carmaker and owned by Tata Motors, announced this week it would extend factory shutdowns until October 1 after a separate hack left operations paralyzed.

Berlin airport, one of several affected by the Collins Aerospace incident, warned it could take several more days before secure and fully functional systems are restored.

British police have arrested a man in connection with a ransomware attack on Collins Aerospace, a unit of RTX, that disrupted check-in systems at several European airports and caused widespread travel chaos.

The National Crime Agency (NCA) said the suspect, a man in his 40s, was detained on Tuesday on suspicion of violating the Computer Misuse Act. He has since been released on conditional bail.

“Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing,” said NCA Deputy Director Paul Foster.

Authorities have not yet identified which criminal group was behind the hack. Unlike many ransomware gangs that typically publicize their attacks and leak stolen data on dark web sites, monitoring groups said no organization has yet claimed responsibility for the Collins Aerospace breach.

Ransomware attacks involve malicious software that encrypts a company’s data, with criminals demanding payment to unlock it. Such groups usually try to avoid targets likely to draw heavy law enforcement attention.

The Collins Aerospace hack is the latest in a series of cyberattacks in Europe that have triggered serious offline disruptions. Jaguar Land Rover, Britain’s largest carmaker and owned by Tata Motors, announced this week it would extend factory shutdowns until October 1 after a separate hack left operations paralyzed.

Berlin airport, one of several affected by the Collins Aerospace incident, warned it could take several more days before secure and fully functional systems are restored.

Airport chaos underscores growing trend of high-profile ransomware attacks

/in /tarafından

A weekend ransomware attack that crippled airport check-in systems across Europe has drawn attention to a new trend in cybercrime: hackers are increasingly targeting high-profile companies and infrastructure for both larger payouts and reputational clout, cybersecurity experts said.

The European Union’s cybersecurity agency ENISA confirmed on Monday that the attack on Collins Aerospace, a unit of RTX, was ransomware-based. The hack disrupted check-in and baggage systems since Friday, grounding flights and stranding thousands of passengers. The attackers’ identity remains unknown, with no ransomware group yet claiming responsibility on dark web leak sites.

Rafe Pilling, Director of Threat Intelligence at Sophos, noted that while most ransomware attacks remain financially motivated, a subset of operations is now engineered for maximum disruption: “They are becoming more visible and more ambitious.”

The strategy is not new but appears to be escalating. In April, the group Scattered Spider was linked to an attack on retailer Marks & Spencer that halted online orders for weeks. Britain’s National Crime Agency also charged two teenagers last week over a 2024 attack on Transport for London, tied to the same group. The FBI estimates Scattered Spider has been involved in around 120 network intrusions and netted $115 million in ransom payments.

Experts warn the trend poses greater systemic risks. Martyn Thomas, Emeritus Professor of IT at Gresham College, said software vulnerabilities and weak security practices continue to fuel the crisis: “If criminals were to decide to cause serious injury or many deaths, the same attack strategies could be used on critical systems in healthcare or major infrastructure.”

Another driver, analysts say, is reputation within cybercriminal networks. Pulling off high-impact breaches boosts a hacker’s credibility and standing among peers, creating a cycle of increasingly bold attacks.

The incident highlights the growing urgency for stronger software security and corporate defenses as ransomware groups become more emboldened, aiming not only for profit but also prestige.