Cyber Attackers Hold Europe's Busiest Airports Hostage with Ransomware

EU Cyber Agency Says Airport Software Held to Ransom by Criminals A coordinated cyber attack on Friday has left several of Europe's busiest airports struggling to recover from the disruption caused by malicious software that scrambled automatic check-in systems. The European Union Agency for Cybersecurity, ENISA, confirmed Monday that the attackers used ransomware, a type of malware that demands payment in exchange for restoring access to compromised data. According to ENISA, law enforcement is involved in investigating the attack, but the agency declined to comment further on the specifics of the case. "The type of ransomware has been identified," an ENISA spokesperson said in a statement to Reuters. "Law enforcement is involved to investigate." The attack affected several major airports across Europe, including Heathrow Airport in London, which was forced to implement manual workarounds for boarding and check-in processes. Internal crisis communications obtained by the BBC show that airport staff were instructed to continue using these workarounds as the recovery process continues. Ransomware attacks have become increasingly common in recent years, with cybercriminals using the tactic to extort money from victims worldwide. ENISA has warned that such attacks can cause significant disruption and financial losses for affected organizations. "It's a very serious threat," said Dr. Udo Helmbrecht, former director of ENISA. "Ransomware is a type of malware that encrypts data and demands payment in exchange for the decryption key. It's a classic case of extortion." The attack on Europe's airports highlights the vulnerability of critical infrastructure to cyber threats. As the world becomes increasingly dependent on digital systems, the risk of disruption and damage from cyber attacks grows. ENISA has advised organizations to prioritize cybersecurity measures, including regular software updates, robust backups, and employee education on safe online practices. As the investigation into the attack continues, airport officials are working to restore normal operations as quickly as possible. The incident serves as a reminder of the importance of investing in cybersecurity measures to protect against such threats. In related news, the International Air Transport Association (IATA) has issued a statement urging airlines and airports to prioritize cybersecurity and share best practices for mitigating ransomware attacks. The recovery process is expected to take several days, with airport officials working around the clock to restore automatic check-in systems. As the situation develops, this article will be updated with further information. Background: Ransomware attacks have become increasingly common in recent years, with cybercriminals using the tactic to extort money from victims worldwide. ENISA has warned that such attacks can cause significant disruption and financial losses for affected organizations. Additional Perspectives: Dr. Helmbrecht noted that ransomware attacks often target vulnerabilities in outdated software or operating systems. "It's essential for organizations to keep their software up-to-date and implement robust cybersecurity measures," he said. ENISA has advised organizations to prioritize cybersecurity measures, including regular software updates, robust backups, and employee education on safe online practices. Current Status: The recovery process is ongoing, with airport officials working around the clock to restore automatic check-in systems. ENISA continues to investigate the attack, but no further information is available at this time. *Reporting by Bbc.*