Airlines Seen as Vulnerable After Confirmed Ransomware Cyberattack, Suspect Arrested
upstart writes:
A ransomware attack was confirmed as the source of the weekend's airport disruption:
UK Arrests Man Linked to Ransomware Attack That Caused Airport Disruptions Across EuropeWhile no one crew has claimed responsibility for the attack that disrupted a number of European airports, including in Brussels, Berlin, London, Dublin and Cork this weekend, Europe's cybersecurity agency (ENISA) confirmed to the BBC that a ransomware attack was behind the chaos.
"The type of ransomware has been identified. Law enforcement is involved to investigate," the agency told Reuters.
The cyberattack disrupted check-in and baggage systems last Friday (19 September), targeting 'Muse' (multi-user system environment), a software tool made by Collins Aerospace, which provides a range of aircraft technologies, including baggage tagging and handling.
Experts had been warning for some time that airlines are particularly susceptible to widespread attacks. In July, after UK retailers were hit hard with Scattered Spider attacks, the FBI and cyber experts warned that airlines were likely to be next in line. Hackers using Scattered Spider tactics are renowned for targeting one sector at a time, although there is no indication as yet that they were behind this attack.
[...] "The aviation sector, with its complex network of third-party suppliers and contractors, presents an attractive target," said Haris Pylarinos, founder and CEO of cybersecurity company Hack the Box back in July. "If just one weak link is compromised, the ripple effects could be massive."
While the effects of the weekend attack were limited, it is certainly a major wake-up call for the airline industry.
"I'm deeply concerned but not surprised by the scale of the cyberattack on European airports," said Adam Blake, CEO and founder of cybersecurity company ThreatSpike
"Businesses are pouring vast sums of money into advanced security tools and bolt-on solutions, but it's just fragmenting security posture, creating overlapping controls and gaps for adversaries to exploit.
"Cybersecurity needs to be treated a lot more holistically, as a strategic priority built on end-to-end visibility, consistent monitoring and response, and proactive threat detection," he warned. "Where organisations stitch together a patchwork of vendors, vulnerabilities will inevitably emerge."
janrinok writes:
UK arrests man linked to ransomware attack that caused airport disruptions across Europe
The U.K.'s National Crime Agency (NCA) said on Wednesday that a man was arrested in connection to the ransomware attack that has caused delays and disruptions at several European airports since the weekend.
The hack, which began Friday, targeted check-in systems provided by Collins Aerospace, causing delays at Brussels, Berlin, and Dublin airports, as well as London's Heathrow, which lasted until yesterday.
While the NCA did not name the arrested man, the agency said he is "in his forties" and that he was arrested in the southern county of West Sussex on Tuesday under the country's Computer Misuse Act "as part of an investigation into a cyber incident impacting Collins Aerospace."
The man was released on conditional bail, according to the agency.
"Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing," said Paul Foster, deputy director and head of the NCA's National Cyber Crime Unit, in a statement.
Original Submission #1 Original Submission #2
Read more of this story at SoylentNews.