top of page

When Automation Fails: Lessons in Cyber Resilience from Europe's Airport Ransomware Attack

  • Writer: Mantas Sabeckis
    Mantas Sabeckis
  • 2 hours ago
  • 2 min read

Guest Editorial by Mantas Sabeckis, Security Researcher, Cybernews


Late last month, millions of travelers faced a modern nightmare: delays, cancellations, and chaos at some of Europe’s busiest airports – Heathrow, Brussels, Berlin – triggered by a ransomware attack on Collins Aerospace’s check-in and boarding software. It's very much the reality of today’s hyperconnected infrastructure.


Mantas Sabeckis
Mantas Sabeckis

This shows how hidden cyber risks can be. It also shows how unprepared many important systems are for these kinds of threats. And this also shows how the vulnerability of supply chains can put businesses in trouble. Collins Aerospace isn’t an airport or airline but a software vendor, a third-party provider whose systems connect together vast and complex air travel operations. 


This sort of third-party risk is increasingly a preferred target for ransomware gangs. A flaw in one vendor’s software can cascade through the global transportation ecosystem, unleashing disruption across an entire continent.


The lesson here is that just making your own computers and firewalls stronger isn’t enough. Real protection means keeping a close eye on every part of your supply chain. Are vendors’ security practices robust? Do contracts demand transparent vulnerability disclosure? Is patch management swift and audited? Those questions are foundational.


Then there’s the often-overlooked fallback mode: manual operations. This hack blew up the digital convenience airports pride themselves on: automated check-ins and seamless boarding. The reversion to handwritten boarding passes and paper manifests was crude but necessary. 


Investing in these manual backups and making sure staff are trained to execute them under pressure is as essential as any other security measure. In the race to digitize, this old-school readiness often gets pushed aside, until it becomes a lifeline.


Experts are trying to find out who’s responsible. Terror law watchdog Jonathan Hall KC says it’s possible state-sponsored hackers could be behind the attack. Places like Heathrow in the UK are obvious targets during big political and economic tensions. Figuring out who’s behind attacks like this is always tough, but it shows that important systems like airports are now key targets in global cyber battles.


This incident shows that being ready for cyberattacks isn’t just about building stronger defenses. It means taking care of the entire system – making sure every part, including suppliers, is secure, planning for the worst, and having backup plans that keep important services running no matter what.


The aviation sector might be racing toward a more automated future, but we must keep in mind that the digital runway isn’t invincible, and resilience must be built in from the ground up.

Mantas Sabeckis is a security researcher at Cybernews, specializing in identifying data leaks, detecting vulnerabilities, and enhancing the security of AI systems. With a strong commitment to responsible disclosure, he collaborates with both large corporations and small organizations to help them address security issues before they can be exploited. Mantas’s work centers on understanding how sensitive data is exposed and sharing insights that contribute to stronger cybersecurity practices. His mission is clear: to make the internet a safer place for everyone by advancing research, promoting responsible security measures, and supporting initiatives that protect digital ecosystems. 

bottom of page