Essential Insights
- RTX Corp. confirmed a ransomware attack on its airline passenger processing software, MUSE, disrupting flights across Europe.
- The incident was discovered on September 19, with authorities arresting a suspect in the UK under suspicion of computer misuse.
- RTX is actively investigating with forensic experts, notifying law enforcement, and providing support to affected airlines and airports.
- Despite the disruption, RTX states the attack is not expected to significantly impact its overall operations or financial health.
Underlying Problem
RTX Corp., the parent company of Collins Aerospace, revealed that its airline passenger processing system, called MUSE, was targeted in a ransomware attack that disrupted flights across major European airports such as Heathrow, Brussels, Berlin, and Dublin. This cyber assault, discovered on September 19, involved malicious hacking that compromised the system responsible for passenger check-ins, boarding, and baggage tracking—functions crucial for smooth airport operations. Because MUSE operates on a separate, customer-specific network outside RTX’s main systems, the breach was isolated; however, it still caused significant delays and confusion. Authorities in the UK have detained a man in his 40s suspected of violating the Computer Misuse Act, indicating ongoing criminal investigations. RTX is actively working with forensic experts and law enforcement agencies, while also alerting affected airlines and airports, and providing support to minimize ongoing disruptions. Despite the serious nature of the attack, RTX has assured the public that the incident is unlikely to have a long-term impact on its operations or financial health, though Heathrow has advised passengers to arrive early for their flights as a precaution.
Security Implications
RTX Corp., parent of Collins Aerospace, confirmed a ransomware attack compromised its MUSE airline passenger processing software, disrupting flights across major European airports such as Heathrow, Brussels, Berlin, and Dublin. The software, used to check in passengers and track baggage, runs on a customer-specific network outside RTX’s main enterprise, and its compromise has caused significant operational delays. The incident led to arrests in the UK, and authorities are investigating the breach, which prompted RTX to engage forensic experts and alert law enforcement agencies globally. While the company assures that its core operations and financial health remain unaffected, the disruption highlights the substantial cyber risks posed by ransomware—ranging from logistical chaos to financial and reputational harm—especially when critical infrastructure like airline systems is targeted.
Possible Next Steps
Prompt action is crucial when dealing with a confirmed hack involving ransomware targeting passenger boarding software, as delays can escalate damage, compromise passenger safety, and result in significant financial and reputational losses.
Containment Measures
- Isolate affected systems immediately to prevent spread.
- Disable network access for compromised components.
Assessment and Investigation
- Conduct a thorough forensic analysis to determine breach extent.
- Identify vulnerabilities exploited during the attack.
Restoration and Recovery
- Remove ransomware by restoring from secure backups.
- Patch and update all software to close security gaps.
Enhancement Strategies
- Implement advanced threat detection tools.
- Strengthen user authentication and access controls.
Communication Protocols
- Notify relevant authorities and stakeholders.
- Provide transparent updates to passengers and partners.
Prevention and Training
- Regularly train staff on cybersecurity best practices.
- Establish a comprehensive cybersecurity framework.
