A 40-year-old man was arrested in West Sussex this week in connection with a cyberattack that knocked out check-in systems at several major European airports, including London’s Heathrow, Berlin and Brussels.
The UK’s National Crime Agency (NCA) confirmed the arrest and says the investigation is ongoing. However, after his arrest, the suspect was reportedly released on conditional bail. The NCA says it is still early days, and it has not publicly identified others involved or the full motive behind the attack.
The attack targeted Collins Aerospace, a company whose systems handle check-in, baggage tagging and boarding processes at airports. Around Friday night, those systems began failing. Airport staff were forced to use handwritten boarding passes, backup laptops or manual check-in methods while efforts were underway to restore automated services.
Passengers faced delays and cancellations. Brussels in particular felt the impact hard: over the weekend, it cancelled dozens of flights and asked airlines to cut back departures after it proved difficult to restore the compromised system. Berlin also experienced long queues as staff tried to catch up.
Authorities believed the attack involved ransomware. The EU cybersecurity agency ENISA said a “third-party ransomware” was behind the outages. Collins Aerospace acknowledged a “cyber-related disruption” and is coordinating with airports and law enforcement to restore systems.
This incident adds to a growing list of cyber events affecting transport infrastructure worldwide, from rail systems to shipping terminals. Last week, UK authorities arrested two individuals linked to the Scattered Spider group during an investigation into a cyberattack on Transport for London (TfL) that caused millions of pounds in damage.
More to follow…
