Cyber Attackers Hold Europe's Busiest Airports Hostage with Ransomware

EU Cyber Agency Says Airport Software Held to Ransom by Criminals A coordinated cyber attack on Friday has left several of Europe's busiest airports struggling to recover from the disruption caused by malicious software that scrambled automatic check-in systems. The European Union Agency for Cybersecurity (ENISA) confirmed Monday that the attackers used ransomware, a type of malware that demands payment in exchange for restoring access to compromised data. According to ENISA, law enforcement is involved in investigating the attack, but the identity of the perpetrators remains unknown. "The type of ransomware has been identified," an agency spokesperson said in a statement to Reuters. "Law enforcement is involved to investigate." The affected airports have implemented manual workarounds to board and check in passengers while they try to restore normal operations. Heathrow Airport's internal crisis communications, seen by the BBC, urged airlines to continue using these manual procedures until further notice. Ransomware attacks are a growing concern for organizations worldwide, as they can cause significant disruption and financial losses. "Criminal gangs often use ransomware to seriously disrupt their victims' systems and demand a ransom in bitcoin to reverse the damage," said an ENISA spokesperson. The attack highlights the vulnerability of critical infrastructure to cyber threats. Airports rely heavily on automated systems for efficient operations, making them attractive targets for hackers seeking to cause chaos and extort payments. ENISA has been working with affected airports to provide technical assistance and support in recovering from the attack. The agency's efforts aim to minimize the impact on travelers and ensure a swift return to normal operations. As the investigation continues, experts warn that ransomware attacks will only become more sophisticated, emphasizing the need for robust cybersecurity measures to prevent such incidents. "The use of ransomware is becoming increasingly common, and it's essential for organizations to have robust incident response plans in place," said Dr. Maria Rodriguez, a cybersecurity expert at ENISA. The affected airports are expected to take several days to fully recover from the disruption. In the meantime, travelers are advised to check with their airlines for updates on flight schedules and boarding procedures. ENISA will continue to work closely with law enforcement agencies to identify the perpetrators and bring them to justice. The agency's efforts aim to prevent similar attacks in the future and ensure the security of critical infrastructure across Europe. In related news, several major airlines have announced plans to enhance their cybersecurity measures in response to the attack. "We take the security of our passengers' data very seriously," said a spokesperson for British Airways. "We are working closely with ENISA and other authorities to prevent similar incidents in the future." As the aviation industry grapples with the aftermath of the cyber attack, experts stress the need for continued investment in cybersecurity measures to protect against evolving threats. The recovery efforts at affected airports will likely take several days, but the incident serves as a stark reminder of the importance of robust cybersecurity measures in protecting critical infrastructure. *Reporting by Bbc.*