A recent ransomware attack has caused significant disruptions at major European airports, impacting automated check-in systems and affecting thousands of passengers. The incident, which began on Friday, was confirmed by the European Union Agency for Cybersecurity (ENISA), underscoring the increasing threats to critical infrastructure across the continent.
The attack targeted systems provided by Collins Aerospace, a subsidiary of RTX, leading to widespread delays and cancellations. By Monday, several of Europe’s busiest airports, including Brussels Airport and London Heathrow Airport, were still experiencing operational challenges. The disruptions affected dozens of flights, with reports indicating that as many as 60 out of approximately 550 flights at Brussels were canceled.
ENISA stated that law enforcement is involved in investigating the malicious software responsible for this attack. However, details regarding the origin of the ransomware have not been disclosed. The attack exemplifies a broader trend, as both governments and corporations have faced increasing cyber threats in recent months. Notably, luxury car manufacturer Jaguar Land Rover recently halted production due to a separate cyber incident.
Rafe Pilling, director of threat intelligence at British cybersecurity firm Sophos, noted that while ransomware attempts against high-profile targets are gaining attention, the overall frequency of such attacks has not significantly increased. “Disruptive attacks are becoming more visible in Europe, but visibility doesn’t necessarily equal frequency,” he explained. “Truly large-scale, disruptive attacks that spill into the physical world remain the exception rather than the rule.”
A survey conducted by the German industry group Bitkom revealed that ransomware is the most prevalent form of cyberattack, with one in seven companies admitting to having paid a ransom. This highlights the persistent vulnerability faced by organizations across various sectors.
In response to the ongoing disruptions, Collins Aerospace stated on Monday that it is working diligently with the affected airports to restore normal operations. The company is currently finalizing updates designed to enhance system functionality. Despite these efforts, Berlin Airport reported challenges due to an influx of passengers coinciding with the Berlin Marathon, leading to delays exceeding one hour for departing flights. One traveler described the experience as reminiscent of early commercial air travel, with handwritten boarding passes being issued.
While Dublin Airport reported “minimal impact,” it implemented manual check-in processes to mitigate the disruption. The ongoing situation serves as a stark reminder of the vulnerabilities within the aviation sector and the potential fallout from cyberattacks on critical infrastructure. As investigations continue, authorities are keen to understand the full extent and implications of this ransomware incident.
