Airport services firm Swissport reports ransomware incident

This post originally appeared on ZDNet, February 4, 2022.


Swissport said part of its IT infrastructure was hit with a ransomware attack on Thursday.

Swiss airport management service Swissport reported a ransomware attack affecting its IT systems on Friday. The company said the ransomware attack targeted its IT infrastructure. 

The group behind the attack was not named. 

Also: Prosecutors investigating cyberattacks affecting multiple Belgian and Dutch ports

“The attack has been largely contained, and we are working actively to fully resolve the issue as quickly as possible. Swissport regrets any impact the incidence has had on our service delivery,” Swissport said. 

A spokesperson for the National Cyber Security Centre in Switzerland told ZDNet that they are in contact with Swissport but could not provide more information. The company’s website is currently down. 

Headquartered in Opfikon, Switzerland, the company manages airport ground and cargo handling services. 

Der Spiegel reported that 22 flights were delayed about 20 minutes due to the attack. The company told the newspaper that there would be some delays but that it would continue providing ground services at Zurich Airport and 306 other locations. 

The attack caps a week of ransomware attacks and cybersecurity incidents affecting European oil and transportation services. A cyberattack on two German oil suppliers forced energy giant Shell to reroute oil supplies to other depots. The German Federal Office for Information Security (BSI) said the BlackCat ransomware group was behind the incident, which affected 233 gas stations across Germany.

On Thursday, multiple ports in Belgium and the Netherlands reported issues after a cyberattack affecting IT services. Terminals operated by SEA-Tank, Oiltanking, and Evos in Antwerp, Ghent, Amsterdam, and Terneuzen are all dealing with issues related to their operational systems. In a statement to ZDNet, Oiltanking said it “declared force majeure” due to the attacks. 

A spokesperson from Evos told ZDNet that they are continuing to operate their terminals but are having some delays after the attack disrupted IT services at terminals in Terneuzen, Ghent, and Malta. Prosecutors in Antwerp have opened an investigation into the cyberattacks.

Billion-dollar German logistics firm Hellmann Worldwide Logistics was also hit with ransomware in December.

The Dutch Ministry of Justice and Security told ZDNet that news outlets making connections between the attacks in The Netherlands, Belgium, and Germany were incorrect. 

“Based on the information, the NCSC has seen the following: As far as currently known, it doesn’t seem to be a coordinated attack. Probably the attacks have been carried out with a criminal intent aimed at financial gain,” NCSC spokesperson Miral Scheffer said. 

“The NCSC will monitor the situation closely and take actions when necessary.”


About InfoSystems

For over 25 years, InfoSystems has provided reliable IT solutions to build and maintain strong and secure systems for both SMB and enterprise organizations. Headquartered in Chattanooga, TN, our trusted team of experts specialize in traditional infrastructure, IT optimization and cybersecurity services, as well as next gen solutions such as hybrid cloud and automation, from partners such as IBM, Red Hat, Dell Technologies, Microsoft and VMware.

Share this post

Schedule An Intro Meeting

Name(Required)
This field is for validation purposes and should be left unchanged.