The UK’s National Crime Agency announced on Wednesday that a man was arrested in connection with a ransomware attack that caused delays and disruptions at several European airports since the weekend. The hack began on Friday and targeted check-in systems provided by Collins Aerospace. This caused significant delays at Brussels, Berlin, and Dublin airports, as well as London’s Heathrow, with disruptions lasting until Tuesday.
The NCA did not name the arrested individual but stated he is in his forties. He was arrested in the southern county of West Sussex on Tuesday under the country’s Computer Misuse Act as part of the investigation into the cyber incident impacting Collins Aerospace. The man has since been released on conditional bail.
According to Paul Foster, deputy director and head of the NCA’s National Cyber Crime Unit, the arrest is a positive step but the investigation remains in its early stages and is ongoing. An NCA spokesperson confirmed the agency had no further information to add beyond its official statement.
The cyberattack on Friday caused widespread travel delays and major disruptions. These included boarding passes failing at departure gates and some flight cancellations, as affected airports and airlines were forced to resort to manual check-in processes.
RTX, the defense contractor giant that owns Collins Aerospace, confirmed the cyberattack was related to ransomware in a legally required notice filed with the US Securities and Exchange Commission on Wednesday. In the filing, RTX described the incident as involving ransomware but did not provide specifics about the type of ransomware used or the hackers responsible.
The company stated that the incident affected its check-in software, which operates on customer-specific networks. RTX noted that its customers had shifted to back-up or manual processes, resulting in certain flight delays and cancellations.
The confirmation that ransomware was to blame for the outage was first revealed by the European cybersecurity agency ENISA on Monday. A spokesperson for RTX did not respond to a request for comment. This report has been updated with new information from RTX’s SEC filing.