Minimizing liability is not the same as security: Lessons learned from Collins Aerospace cyberattack
"Collins Aerospace operates ARINC AviNet, a virtual environment that hosts their ARINC vMUSE ground system for customers. Attackers exploited vulnerabilities in the ground system and its proprietary network, resulting in significant operational delays, reputational damage, and a loss of passenger trust. It is believed that the attackers accessed the shared AviNet network and subsequently encrypted portions of the ARINC Multi-User System Environment (vMUSE)."
"Despite comprehensive regulations like NIS2, most organizations significantly underestimate the security risks stemming from a lack of visibility into their vendors' security posture. Vendor risk management is not merely a compliance checkbox but a strategic issue of resilience, as this incident demonstrates how a third-party ransomware attack can ripple across entire ecosystems. The incident was likely a result of security negligence. Researchers discovered several outdated systems (IIS 8.5, Glassfish 2014, Oracle 2015, and end-of-life Cisco ASA devices) that presented predictable vulnerabilities for attackers."
In late September 2025, several European airports experienced significant delays and cancellations when Collins Aerospace's vMUSE check-in system was hit by ransomware. Attackers exploited vulnerabilities in the ARINC AviNet environment and encrypted portions of the shared vMUSE platform, forcing airports to revert to manual operations such as hand-written boarding passes. The incident produced operational delays, reputational damage, and loss of passenger trust. Researchers found outdated software and end-of-life devices that created predictable attack vectors. The event framed vendor risk management as a strategic resilience issue rather than a compliance checkbox and underscored the need for modernization and supply-chain visibility.
Read at Techzine Global