Cybersafetyconnections September 22, 2025, vol#236
- From MSN/Copilot there was an alleged cyberattack this weekend that targeted airports across Europe.
- The cyberattack affected the Service provider’s software that was used for boarding and check-in disrupting and delaying passenger’s flight.
- This cyberattack is said to amplify the risk of reliance on Supply chain’s digital systems.
- Politicians and aviation experts are pointing fingers at the kremlins.
- Here is how the National Cyber Security Centre, part of GCHQ, Collins Aerospace, affected airports, and the Department for Transport mitigated loss from the cyberattack.
What happened?
From MSN over the weekend, there was a an alleged cyberattack on check in and boarding software provider Collins Aerospace leading to disruptions and delays in operations and passenger’s flight across Europe.
The cyberattack comes just a year after CrowdStrike faulty software update halted flights in the United States leading to loss of $10 billions ((£7 billion).
Who was impacted?
Flights in London Heathrow, Brussels, Dublin, and Berlin Brandenburg were affected since Friday, and most are looking to continue normal flight operations this Monday 9/22/2025.
Only Terminal 5 at Heathrow Airport for British Airways was operating normally.
Why did it happen?
There are speculations the cyberattack may be due to heavy reliance on supply chains digital systems.
Which cybercriminals were responsible for the cyberattack?
Politicians and aviation experts suspect Kremlin of being behind the cyberattack though no formal investigation report yet.
How did RX and the Airports mitigate loss from the cyberattack?
Here is how the National Cyber Security Centre, part of GCHQ, Collins Aerospace, affected airports, and the Department for Transport mitigated loss from the cyberattack.
OWASP Threat and Safeguard Matrix
The National Cyber Security Centre, part of GCHQ, is in collaboration with Collins Aerospace and affected UK airports, as well as Department for Transport and law enforcement colleagues, to grasp how effect of the cyberattack.
The European Commission, that has a major role in managing airspace across the continent is also watching the situation closely.
When asked, this is what CoPilot is advising:
To protect against supply chain cyberattacks like the one that disrupted European airports, organizations need to adopt a multi-layered, proactive strategy that goes beyond traditional perimeter defenses. Here’s a structured approach:
🛡️ 1. Strengthen Vendor Risk Management
- Conduct thorough due diligence before onboarding vendors—assess their cybersecurity posture, incident response capabilities, and compliance with standards like ISO 27001 or SOC 2.
- Regular audits and assessments of third-party systems help identify vulnerabilities before they’re exploited.
- Include cybersecurity clauses in vendor contracts to enforce accountability and response protocols.
🔐 2. Implement Cyber Supply Chain Risk Management (C-SCRM)
- Use frameworks like NIST CSF 2.0 to integrate cybersecurity into supply chain operations.
- Map out dependencies and identify critical third-party services that could become single points of failure.
🧠 3. Deploy Advanced Threat Detection
- Honeytokens (decoy data assets) can alert you to unauthorized access attempts early in the attack chain.
- Monitor for lateral movement and privilege escalation using Privileged Access Management (PAM) tools.
🔄 4. Build Resilience and Recovery Capabilities
- Backup critical systems regularly and test recovery procedures through simulations.
- Maintain business continuity plans that include alternate vendors or manual fallback processes.
🧩 5. Foster a Security-First Culture
- Train employees to recognize supply chain threats and report anomalies without fear of blame.
- Encourage collaboration between internal teams and external partners to maintain shared vigilance.
Subscribe to get the latest post.
Your CyberSafety Advocate 