'cyber attack' that crippled major airports 'could be test for something bigger'

Passengers queuing at Heathrow Terminal 2 amid delays caused by a cyber incident disrupting check-in and boarding software (Picture: Reuters)

The suspected cyber attack affecting several international airports could be a ‘test’ for a far bigger sabotage,an expert has said.

Several airports,including London Heathrow and Brussels,were plunged into chaos following a ‘technical issue’ relating to check in and boarding systems on Saturday.

The issue involved a software called Muse,provided by Collins Aerospace,which is used by airlines at shared check-in desks,boarding gates and other infrastructure.

Carriers were forced to turn to manual systems to process passengers amid the ongoing chaos.

But an expert has suggested that given Muse is an ‘industry standard’ used across some 150 airports worldwide,criminals could be using the current disruption as a showcase for a far larger attack that would cripple systems globally.

Professor Alan Woodward,visiting professor of computing at the University of Sussex said the lack of transparency around the incident implied the system had been targeted by criminals or possibly state actors.

Passengers were plunged into chaos following a cyber issue relating to airport check in and boarding systems (Picture: Reuters)

He told Metro: ‘Criminals do these things for money. They’re in their networks and they’re saying we could close down all sorts of parts of your network unless you pay us.

‘This was a tester.’

Professor Woodward said that the lack of clear information on the nature of the incident made it more likely it was some form of malicious act.

He asked: ‘If so many airports are using it,why are we only hearing about three?

‘It’s not clear whether they did some kind of update,in which case why did others not have the same malware?

‘It raises more questions than it answers. Everyone’s being very quiet about it. They are just not saying anything.’

He added that a lesson taken from previous cyber attacks affecting large firms,from Jaguar Land Rover to Marks and Spencer,was ‘be open and honest and transparent as you can and as often as you can’.

Previous companies targeted by criminals often didn’t grasp the severity of the issue until it was too late,he said.

Passengers wait with their bags at Heathrow terminal 4 as flights were delayed and cancelled (Picture: PA)

Who are Collins Aerospace?

You may have never heard of it,but Collins Aerospace provides many of the systems vital for getting you on your journey and your plane in the air.It provides a range of services,from ground handling software to technology onboard aircraft.The cyber issue on Saturday related to its check-in and boarding software,known as Muse.Muse (which stands for Multi-user System Environment) is a system used by airlines at shared check-in desks,bag drop kiosks and boarding gates.‘The pattern seems to have developed recently where they think they’ve been attacked and they think nothing’s been affected and suddenly they look a little deeper and things are a bit worse than they thought and they start uncovering a few rocks.‘That’s what we’ve seen at Jaguar Land Rover.’Cleaning the whole system out could involve shutting it down completely,he added,which could further disrupt passengers’ journeys.‘If they have to turn the whole system off out of an abundance of caution,then that is going to affect an enormous number of airports and potentially millions of passengers’,he said.Some believe the attackers could be state-sponsored.Colonel Philip Ingram,a former military intelligence officer,said it was plausible that the Kremlin could be connected to today’s events.‘It does have all the hallmarks of being something where the Russians would be behind it’,he told the Daily Mail.The incident also raises questions about so-called ‘supply chain attacks’ which target whole industries,and simultaneously impact several companies.Collins is owned by RTX,the world’s largest aviation and defence company,and counts the UK government among its customers.Travellers waiting in the departures hall at Brussels Airport,amid ongoing disruption to flights (Picture: AFP)Travel expert Paul Charles said it was ‘deeply worrying’ that such a large organisation had been affected in this way.‘There will be deep concerns that their systems have been tampered with in such a way’,he said.Professor Woodward said the incident shows that firms need ‘defence in depth’ to withstand potential cyber attacks.He said: ‘You have to assume that all systems will be broken into and penetrated at some point. You have to know as soon as you’ve been broken into and penetrated. You have to be able to stop them getting any further.‘It’s a bit like a castle,you have an outer wall,an inner wall,all the way through to the inner keep. The architecture of your software and your security has to be really specific.‘Most people assume now that everything will be attacked and will be targeted.’Elsewhere,Dublin Airport’s Terminal 2 was evacuated on Saturday due to a security alert.Metro has contacted Collins Aerospace for comment.