Ransomware Attacks on European Transportation Targets

This post is also available in: עברית (Hebrew)

A ransomware attack on a Swiss airport could be part of a larger campaign. Airport ground services and air cargo operator Swissport has been hit on Feb. 3 with a ransomware attack that caused disruption in operations at Zurich Airport (ZRH).

Swissport is responsible for most of the operations at the airport. As result of the attack, 22 flights were delayed by up to 20 minutes at Zurich Airport. The company announced that a  part of its IT infrastructure “was subject to a ransomware attack. The attack has been largely contained and we are working actively to fully resolve the issue as quickly as possible.”

Most critical systems and applications remained unaffected, but some systems were shut temporarily due to the impact on several servers.

The security teams were quick to detect the attack and restored the firm’s IT systems. No information about the perpetrators has been available so far, according to airport-technology.com.

It is not yet clear whether this Swiss incident this was part of a wider, coordinated attack, as it came after a week of ransomware attacks and cybersecurity incidents affecting European oil and transportation services. 

According to zdnet.com, a cyberattack on two German oil suppliers forced energy giant Shell to reroute oil supplies to other depots. The German Federal Office for Information Security (BSI) said the BlackCat ransomware group was behind the incident, which affected 233 gas stations across Germany. Multiple ports in Belgium and the Netherlands reported issues after a cyberattack affecting IT services.