Last week’s cyber attack on Heathrow that caused travel chaos across Europe could have been carried out by a hostile state, an expert has warned.
Britain’s busiest airport, along with others in Brussels and Berlin were crippled on Saturday after hackers targeted Collins Aerospace, a tech firm that provides services for several airlines at multiple airports across the world.
The attack shut down their check-in and boarding systems, forcing staff to manually process passengers which caused hundreds of flight delays and cancellations.
On Monday morning, Heathrow said work was continuing to ‘resolve and recover’ from the ‘outage’ in the system.
Terror law watchdog Jonathan Hall KC said it was possible state-sponsored hackers could be behind the attack on Collins Aerospace.
Mr Hall, the independent reviewer of terrorism legislation, said attributing the attack would not be easy.
Asked if a state like Russia could have been responsible for the attack, he told Times Radio ‘anything is possible’.
He said: ‘Yes, it’s possible that this is carried out directly by a state, but it’s equally possible to be carried out by a private entity that is, sort of, allowed to operate and does it for a combination of public and private reasons.’
Last week’s cyber attack on Heathrow that caused travel chaos across Europe could have been carried out by a hostile state, an expert has warned (Pictured: Travel chaos at Heathrow on Saturday)
That meant attacks were ‘deniable’ for states, even if hackers were based there.
He said: ‘There are some very capable private entities, let’s say, in Russia or China, who won’t necessarily be being directed by Russia or China.
‘So it’s not as if a member of the GRU (the Russian military intelligence agency) is necessarily going into a company and saying that ‘you’ve got the capability of knocking out some UK infrastructure, please go and do it now’.
‘It’s also possible, in this ecosystem that exists in some of these countries, that a company, an entity, carries out a hack and simply does it for patriotic reasons, or does it because they want to curry favour, or maybe there’s some sort of informal relationship with them.
‘So although we think, understandably, about states deciding to do things it is also possible for very, very powerful and sophisticated private entities to do things as well.’
In a statement on Monday morning, Heathrow said: ‘Work continues to resolve and recover from an outage of a Collins Aerospace airline system that impacted check-in.
‘We apologise to those who have faced delays, but by working together with airlines, the vast majority of flights have continued to operate.’
Passengers should check their flight status before travelling to the airport and arrive no earlier than three hours before long-haul flights and two hours for short-haul.
Brussels Airport said it was expecting disruption to continue today with delays and cancellations.
The European Union’s cybersecurity agency Enisa confirmed on Monday that the disruption was caused by a ‘third party’ cyber attack, but gave no further details.
It was reported that law enforcement bodies are investigating.
Passengers queue in line at Brussels airport on Sunday where dozens of flights were canceled following a cyberattack affecting multiple airports in Europe
Shares in London-listed airline companies were lower on Monday morning as a result.
British Airways owner International Consolidated Airlines Group (IAG), which has primary bases at Heathrow and Gatwick airports, saw shares slide by 1.3 per cent in early trading.
Elsewhere, budget rivals EasyJet and Wizz Air saw their shares drop by 1.3 per cent and 1.5 per cent respectively.
This latest cyber attack comes after others in the summer on UK retailers including M&S, Co-Op and Harrods.
M&S halted orders on its website and saw empty shelves after being targeted by hackers over the Easter weekend.
The retailer – which has 64,000 staff and 565 stores – said online sales and profits in its fashion, home and beauty business were ‘heavily impacted’.
In May, Harrods found itself fighting off a cyber attack after they ‘experienced attempts to gain unauthorised access to some of our systems’.
Customers who were in the luxury west London department store at the time claimed they were unable to make purchases at the time.
Meanwhile, Co-Op stores across the country were left with empty shelves following a devastating cyber attack which stole personal data from 20million customers.
The supermarket said sustained malicious attempts by hackers to access their systems had prompted it to shut down its delivery systems.
Other similar attacks were then made on luxury jewellery firm Cartier, The North Face, Dior, Adidas and Victoria’s Secret.
