The UK’s National Crime Agency (NCA) has arrested a suspect potentially involved in a cyberattack that affected various UK and European airports.
The NCA released a brief statement saying that a man in his forties was arrested in West Sussex, England, on “suspicion of Computer Misuse Act offenses,” following a cyber incident that caused major disruptions to European airports.
Officers supported by the South East Regional Organized Crime Unit (ROCU) made the arrest on Tuesday evening.
However, the man has been released on “conditional bail,” the NCA said.
“Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing,” the deputy director and head of the NCA’s national cybercrime unit, Paul Foster, said.
Gary Cannon, transport practice lead at the cybersecurity consulting firm NCC Group, raised concerns surrounding the cyberattack that paralyzed prominent European airports.
"While this weekend’s hack demonstrated the impact on logistics, an attack that threatens safe flight operations could be just around the corner, and the aviation sector must be prepared for it," Cannon said.
“Without treating cybersecurity with the same priority as physical safety, the aviation sector risks cascading failures in both trust, operations, and passenger safety.”
The event, first reported on September 19th, 2025, caused chaos, including flight cancellations and delays.
Collins Aerospace, a system provider for numerous airports worldwide, reported a “technical issue” that first affected airports in Brussels and Berlin.
The service provider is responsible for airline check-in and boarding systems at numerous airports globally.
Later, Dublin Airport and Cork Airport, along with London Heathrow, also experienced technical problems, Cybernews previously reported.
While most of these airports didn’t reveal too much information about the “technical issue,” Brussels Airport said that Collins Aerospace had suffered a cyberattack on Friday night, causing delays and making check-in and boarding difficult.
Europe’s busiest airports, like London Heathrow, Berlin Airport, and Brussels, struggled to restore their operations following the hack.
The European Union Agency for Cybersecurity, ENISA, later confirmed that disruptions to the airport’s automatic check-in were due to a ransomware attack.
The attackers successfully disrupted Collins Aerospace's automated check-in systems, causing delays, cancellations, and long queues at the airports.
“The type of ransomware has been identified. Law enforcement is involved to investigate,” the agency said in a statement.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked