Swissport Ransomware Attack Delayed Flights
Airport services giant Swissport is restoring its IT systems after a ransomware attack struck late last week, delaying flights.
The Zurich-headquartered firm operates everything from check-in gates and airport security to baggage handling, aircraft fuelling and de-icing and lounge hospitality. It claims to have provided ground services to 97 million passengers last year and handled over five million tons of air freight.
Swissport took to Twitter on Friday to warn its IT infrastructure had been hit by ransomware and apologize for any impact on service delivery.
However, a day later, the firm appeared to have things back under control.
“IT security incident at #Swissport contained,” it tweeted. “Affected infrastructure swiftly taken offline. Manual workarounds or fallback systems secured operation at all times. Full system clean-up and restoration now under way. We apologize for any inconvenience.”
It’s unclear exactly how severely the outage impacted its many clients around the globe. However, one report from German media revealed it led to temporary delays at Zurich airport.
“Due to system problems at our airport partner Swissport, 22 flights were delayed by three to 20 minutes yesterday,” a spokeswoman for the airport is quoted as saying.
The attackers are believed to have struck early in the morning of Thursday February 3. By Friday, there was no significant impact on operations at Zurich airport.
Backup procedures reportedly kicked in during the outage so that there was no impact on aircraft crews. However, a Swissport spokesperson reportedly admitted: “there may be delays in some cases.”
The news follows a series of attacks and disruptions at European ports and oil terminals over the past week, impacting fuel supply chains at a time of rising prices and heightened concern over the possible knock-on effect of Russia invading Ukraine.
“Whether the surge in attacks is related to current geopolitical events is unknown,” said Andy Norton, European cyber-risk officer at Armis.
“However, providers of critical services should immediately review the adequacy of their risk assessments, with emphasis on the criticality of ancillary IT systems that have increased connectivity, and the potential to impact OT and ICS production and service delivery.”
UK police reveal they are running fake DDoS-for-hire sites to collect details on cybercriminals
There's bad news if you're someone who is keen to launch a Distributed Denial-of-Service (DDoS) attack to boot a website...
Microsoft Fixes Security Flaw in Windows Screenshot Tools
Information disclosure vulnerability aCropalypse could enable malicious actors to recover sections of screenshots Read More
Three Variants of IcedID Malware Discovered
The new variants hint that considerable effort is going into the future of IcedID and its codebase Read More
New MacStealer Targets Catalina, Newer MacOS Versions
The malware can extract information from documents, browser cookies and login information Read More
Can zero trust be saved?
Graham Cluley Security News is sponsored this week by the folks at Kolide. Thanks to the great team there for...
Part of Twitter source code leaked on GitHub
Part of Twitter’s source code has been leaked and posted on GitHub by an unknown user. GitHub took down the...