The Guardian
Lauren Almeida
Mon 22 Sep 2025 13.19 CEST
First published on Mon 22 Sep 2025 10.03 CEST
Software provider Collins Aerospace completing updates after Heathrow, Brussels and Berlin hit by problems
Flight delays continue across Europe after weekend cyber-attack
Software provider Collins Aerospace completing updates after Heathrow, Brussels and Berlin hit by problems
Passengers are facing another day of flight delays across Europe, as big airports continue to grapple with the aftermath of a cyber-attack on the company behind the software used for check-in and boarding.
Several of the largest airports in Europe, including London Heathrow, have been trying to restore normal operations over the past few days after an attack on Friday disrupted automatic check-in and boarding software.
The problem stemmed from Collins Aerospace, a software provider that works with several airlines across the world.
The company, which is a subsidiary of the US aerospace and defence company RTX, said on Monday that it was working with four affected airports and airline customers, and was in the final stages of completing the updates needed to restore full functionality.
The European Union Agency for Cybersecurity said on Monday that Collins had suffered a ransomware attack. This is a type of cyber-attack where hackers in effect lock up the target’s data and systems in an attempt to secure a ransom.
Airports in Brussels, Dublin and Berlin have also experienced delays. While kiosks and bag-drop machines have been offline, airline staff have instead relied on manual processing.
The government’s independent reviewer of terrorism legislation, Jonathan Hall KC, said it was possible state-sponsored hackers could be behind the attack.
When asked if a state such as Russia could have been responsible, Hall told Times Radio “anything is possible”.
He added that while people thought, “understandably, about states deciding to do things it is also possible for very, very powerful and sophisticated private entities to do things as well”.
A spokesperson for Brussels airport said Collins Aerospace had not yet confirmed the system was secure again. On Monday, 40 of its 277 departing flights and 23 of its 277 arriving services were cancelled.
A Heathrow spokesperson said the “vast majority of flights at Heathrow are operating as normal, although check-in and boarding for some flights may take slightly longer than usual”.
They added: “This system is not owned or operated by Heathrow, so while we cannot resolve the IT issue directly, we are supporting airlines and have additional colleagues in the terminals to assist passengers.”
Hannah Neumann was targeted in a cyber-espionage operation by an infamous Iranian hacking group earlier this year, she said.
A prominent European Parliament member was the victim of what is believed to be a cyber-espionage operation tied to her role as chair of the chamber's Iran delegation, she told POLITICO.
The office of Hannah Neumann, a member of the German Greens and head of the delegation spearheading work on European Union-Iran relations, was targeted by a hacking campaign that started in January, she said. Her staff was contacted with messages, phone calls and emails by hackers impersonating a legitimate contact. They eventually managed to target a laptop with malicious software.
"It was a very sophisticated attempt using various ways to manage that someone accidentally opens a link, including putting personal pressure on them," Neumann said.
This update outlines what happened, what we’ve done so far, and the actions we are taking to prevent it from happening in the future.
Le conseiller fédéral Albert Rösti signera aujourd’hui à Strasbourg la Convention-cadre du Conseil de l’Europe sur l’intelligence artificielle. Par cet acte, la Suisse rejoint les États signataires d’un premier instrument juridiquement contraignant au niveau international visant à encadrer le développement et l’utilisation de l’IA dans le respect des droits fondamentaux
Ukrainian hackers carried out a cyberattack that took down online broadcasts of Russian state television and radio channels on Monday, according to an official in Kyiv with knowledge of the operation.
#A #Dmitry #Emerging #Europe #Infrastructure #Markets #Media #Peskov #Putin #Radio #Russia #Ukraine #Vladimir #business #cybersecni #cybersecurity #politics #technology
A cohort of Russian-speaking hackers is demanding $50 million from a UK lab-services provider to end a ransomware attack that has paralyzed services at London hospitals for weeks, according to a representative for the group.
#Britain #Cancer #Ciaran #Europe #Government #Great #HEALTH #Kingdom #London #Martin #NATIONAL #Regulation #SERVICE #United #business #cybersecni #cybersecurity #technology
The top European Union cybersecurity official says that disruptive digital attacks have doubled in the 27-member bloc in recent months and election-related services are also being targeted.
Russian military intelligence, the G.R.U., is behind arson attacks aimed at undermining support for Ukraine’s war effort, security officials say.
The Putin regime conducts large-scale propaganda not only through its state media but also through “useful idiots,” who focus on demonizing the US, EU, and NATO and have right- or left-wing views. New “multilingual international media” have emerged that write in a way that suits the Kremlin and spread pro-Russian narratives and disinformation, replacing Russia Today and Sputnik, which have received a ban in Europe.
La loi sur l’IA est le tout premier cadre juridique en matière d’IA, qui traite des risques liés à l’IA et positionne l’Europe pour qu’elle joue un rôle de premier plan à l’échelle mondiale.
Europe’s commercial ports are top entry points for cocaine flooding in at record rates. The work of a Dutch hacker, who was hired by drug traffickers to penetrate port IT networks, reveals how this...
The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks.
In the last couple of months, Check Point Research (CPR) has been tracking the activity of a Chinese threat actor targeting Foreign Affairs ministries and embassies in Europe. Combined with other Chinese activity previously reported by Check Point Research, this represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting European entities, with a focus on their foreign policy.
The activity described in this report, utilizes HTML Smuggling to target governmental entities in Eastern Europe. This specific campaign has been active since at least December 2022, and is likely a direct continuation of a previously reported campaign attributed to RedDelta (and also to Mustang Panda, to some extent).
APT group Mustang Panda now appears to have Europe and Asia Pacific targets in its sights. The BlackBerry Research and Intelligence team recently unearthed evidence that the group may be using global interest in the Russian-Ukraine war to deliver PlugX malware via phishing lure to unsuspecting users.
ESET research uncovers attacks against several high-profile aerospace and military companies in Europe and the Middle East, with several hints suggesting a possible link to the Lazarus group.
The risk of distributed denial-of-service attacks (DDoS) has never been greater. Over the past several years, organizations have encountered a deluge of DDoS extortion, novel threats, state-sponsored hacktivism, and unprecedented innovation in the threat landscape.
BERLIN (AP) — The European Central Bank said Tuesday that its president, Christine Lagarde, was targeted in a hacking attempt but no information was compromised. The attempt took place “recently,” the Frankfurt-based central bank for the 19 countries that use the euro said in an emailed response to a query about a report by Business Insider.
As civil society and media organisations expose EU Member States' use of the Pegasus commercial spyware, one of the most high-profile spying scandals of recent years is coming to light in Europe.
Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia
ToddyCat is a relatively new APT actor that we have not been able to relate to other known actors, responsible for multiple sets of attacks detected since December 2020 against high-profile entities in Europe and Asia. We still have little information about this actor, but we know that its main distinctive signs are two formerly unknown tools that we call ‘Samurai backdoor’ and ‘Ninja Trojan’.
