The Swiss airport management service Swissport reported a ransomware attack on its IT systems on Friday. According to the company, the ransomware attack was aimed at the IT infrastructure. The group behind the attack was not named.
“The attack has been largely contained and we are actively working to fully resolve the issue as soon as possible. Swissport regrets the impact the incident has had on the delivery of our services,” Swissport said.
A spokesman for the National Cyber Security Center in Switzerland told Pentest7 that they were in contact with Swissport but could not provide any further information. Headquartered in Opfikon, Switzerland, the company manages airport ground and cargo handling services.
The news magazine “Der Spiegel” reports that 22 flights were delayed by around 20 minutes due to the attack. The company told the newspaper that there will be some delays but that ground services will continue at Zurich Airport and 306 other locations.
The attack caps a week of ransomware attacks and cybersecurity incidents affecting European oil and transport companies. A cyber attack on two German oil suppliers forced energy giant Shell to divert its oil supplies to other warehouses. According to the German Federal Office for Information Security (BSI), the ransomware group BlackCat was behind the incident, which affected 233 gas stations in Germany.
On Thursday, several ports in Belgium and the Netherlands reported problems after a cyber attack that affected IT services. The terminals in Antwerp, Ghent, Amsterdam and Terneuzen operated by SEA-Tank, Oiltanking and Evos are all struggling with problems in their operational systems. In a statement to Pentest7, Oiltanking said it had declared “force majeure” as a result of the attacks.
A spokesman for Evos told Pentest7 that the terminals continue to operate but are experiencing delays after the attack disrupted IT services at terminals in Terneuzen, Ghent and Malta. The public prosecutor’s office in Antwerp has launched an investigation into the cyber attacks. The multi-billion dollar German logistics company Hellmann Worldwide Logistics was also hit by ransomware in December.
The Dutch Ministry of Justice and Security (NCSC) told Pentest7 that news outlets making connections between the attacks in the Netherlands, Belgium and Germany were wrong.
“Based on the information, the NCSC has determined the following: As far as is currently known, this does not appear to be a coordinated attack. The attacks were probably carried out with criminal intent for financial gain,” said NCSC spokeswoman Miral Scheffer. “The NCSC will be closely monitoring the situation and taking action as necessary.”