Aerospace and defense giant RTX (formerly Raytheon Technologies) has officially confirmed that a ransomware attack has disrupted airport services, causing flight delays and cancellations worldwide.
In an SEC filing, the company revealed it became aware of the cybersecurity incident on September 19. While the filing did not name the subsidiary, the attack impacted Collins Aerospace, which provides airport check-in and boarding solutions.
Impact and Cause
RTX confirmed that customers have had to use backup and manual processes because the ransomware was found on the "Multi-User System Environment (MUSE) passenger processing software." This software allows multiple airlines to share check-in, gate, and baggage handling resources at airports. The company noted that the impacted MUSE systems operate on customer-specific networks, separate from the main RTX enterprise network.
The attack is believed to involve an obscure ransomware variant called HardBit, which emerged in October 2022 and is known to encrypt files and potentially steal data. However, the ransomware operation does not maintain a public site for leaking victim data. It remains unclear who is behind the attack, as HardBit operates as an affiliate program, meaning any cybercriminal group could have used it.
Reports indicate that some affected European airports are still experiencing delays. The vendor is reportedly struggling to completely remove the ransomware, with some systems becoming reinfected after cleanup attempts.
Investigation and Financial Impact
RTX has not commented on whether any personal or other sensitive data was stolen. The company expects the ongoing investigation to reveal the full impact of the incident, but does not anticipate a material effect on its financial condition or overall operations.
In connection with the incident, a 40-year-old man was arrested in the UK this week, but has since been released on bail. Authorities have not yet disclosed his identity or his potential connection to the attack.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
