"Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing,"
"The Europe airlines ransomware situation is a variant of Hardbit ransomware, which doesn't have a portal and is incredibly basic,"
"They've had to restart recovery again as the devices keep getting reinfected. I've never seen an incident like it. Somebody like the NCSC needs to go in and help them with IR."
"While details are still emerging, the NCA has confirmed that the suspect was arrested in the UK, which will likely come as a surprise to many,"
A man in his forties was arrested in West Sussex on suspicion of Computer Misuse Act offences and released on conditional bail. The cyber attack targeted Collins Aerospace's ARINC cMUSE software, disrupting check-in and gate-sharing services and forcing manual check-ins at London Heathrow, Brussels, and Berlin. The incident has been confirmed as a ransomware attack. Cybersecurity researcher Kevin Beaumont identified the ransomware as a variant of Hardbit and reported repeated reinfections during recovery, recommending National Cyber Security Centre assistance for incident response. Speculation about nation-state involvement, including Russia, has been cast into doubt by the UK arrest. The investigation remains in its early stages.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]