Swissport Ransomware Attack Delayed Flights
Airport services giant Swissport is restoring its IT systems after a ransomware attack struck late last week, delaying flights.
The Zurich-headquartered firm operates everything from check-in gates and airport security to baggage handling, aircraft fuelling and de-icing and lounge hospitality. It claims to have provided ground services to 97 million passengers last year and handled over five million tons of air freight.
Swissport took to Twitter on Friday to warn its IT infrastructure had been hit by ransomware and apologize for any impact on service delivery.
However, a day later, the firm appeared to have things back under control.
“IT security incident at #Swissport contained,” it tweeted. “Affected infrastructure swiftly taken offline. Manual workarounds or fallback systems secured operation at all times. Full system clean-up and restoration now under way. We apologize for any inconvenience.”
It’s unclear exactly how severely the outage impacted its many clients around the globe. However, one report from German media revealed it led to temporary delays at Zurich airport.
“Due to system problems at our airport partner Swissport, 22 flights were delayed by three to 20 minutes yesterday,” a spokeswoman for the airport is quoted as saying.
The attackers are believed to have struck early in the morning of Thursday February 3. By Friday, there was no significant impact on operations at Zurich airport.
Backup procedures reportedly kicked in during the outage so that there was no impact on aircraft crews. However, a Swissport spokesperson reportedly admitted: “there may be delays in some cases.”
The news follows a series of attacks and disruptions at European ports and oil terminals over the past week, impacting fuel supply chains at a time of rising prices and heightened concern over the possible knock-on effect of Russia invading Ukraine.
“Whether the surge in attacks is related to current geopolitical events is unknown,” said Andy Norton, European cyber-risk officer at Armis.
“However, providers of critical services should immediately review the adequacy of their risk assessments, with emphasis on the criticality of ancillary IT systems that have increased connectivity, and the potential to impact OT and ICS production and service delivery.”
More Stories
Friday Squid Blogging: Squid Sticker
A sticker for your water bottle. Blog moderation policy. Read More
Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe
OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI...
Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers
The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine Read...
LockBit Admins Tease a New Ransomware Version
The LockBitSupp persona said LockBit 4.0 will be launched in February 2025 Read More
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging...
CISA Urges Encrypted Messaging After Salt Typhoon Hack
The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging...