British police arrest man over hack that affected European airports

LONDON – The British police said on Sept 24 a man had been arrested as part of an investigation into a ransomware attack against Collins Aerospace, owned by RTX, which knocked check-in systems at airports offline and caused widespread travel disruption across Europe.

Britain’s National Crime Agency (NCA) said in a statement that the man, in his 40s, was arrested on Sept 23 on suspicion of offences under the Computer Misuse Act and had since been released on conditional bail.

“Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing,” NCA deputy director Paul Foster said.

It remained unclear which criminal group was behind last week’s hack. An NCA spokesperson declined to provide further details.

Ransomware gangs routinely publicise attacks and leak stolen data on dark web “leak sites” but websites that monitor those portals had not, as of Sept 24, detected any group claiming the hack.

Ransomware is malicious software used by cyber criminals to encrypt a company’s data and demand payment for its release.

They typically operate in the shadows, and many try to avoid targets which might earn them unwanted attention from law enforcement agencies.

The attack on Collins Aerospace was the latest in a string of online hacks in Europe which have had significant offline consequences.

Britain’s biggest carmaker Jaguar Land Rover, owned by India’s Tata Motors, said on Sept 23 it was extending the closure of its factories until Oct 1. This follows a hack in September that has left its operations paralysed and smaller suppliers struggling.

Berlin Airport, one of several airports across Europe to have been impacted by the Collins Aerospace hack, said on Sept 24 that it may take several more days before it had functional and secure software again, operator BER said in a statement. REUTERS