By San José, Costa Rica — A significant cyberattack crippled major European airports over the weekend, causing widespread disruption and travel delays. Authorities in West Sussex, England, have detained a 40-year-old man in connection with the incident. The suspect, currently released on bail, is being investigated for offenses under the Computer Misuse Act.
The attack targeted the check-in and boarding systems of Collins Aerospace, a subsidiary of the American group RTX (formerly Raytheon). This outage triggered a domino effect, impacting airports across Europe, including Brussels-Zaventem, Berlin-Brandenburg (BER), and London Heathrow.
To understand the legal ramifications of this cyberattack, TicosLand.com spoke with Lic. Larry Hans Arroyo Vargas, an attorney at Bufete de Costa Rica.
This cyberattack highlights the increasing vulnerability of businesses in the digital age. Companies must proactively implement robust cybersecurity measures, not only to protect sensitive data but also to mitigate potential legal liabilities. Costa Rican law, specifically the Data Protection Act, mandates certain obligations regarding data security. Failure to comply can result in significant fines and reputational damage. Beyond compliance, businesses should consider cybersecurity insurance and incident response plans to effectively manage the aftermath of an attack and minimize disruptions.
Lic. Larry Hans Arroyo Vargas, Attorney at Law, Bufete de Costa Rica
Lic. Arroyo Vargas’s insights underscore a crucial point: cybersecurity is no longer a luxury but a necessity for businesses operating in Costa Rica. The legal and reputational risks associated with data breaches are substantial, making proactive measures and comprehensive incident response plans essential for survival in today’s digital landscape. We thank Lic. Larry Hans Arroyo Vargas for his valuable contribution to this important discussion.
Brussels Airport, which first detected the problem on Friday, experienced significant delays and cancellations. As of Wednesday, lingering disruptions are expected to affect approximately 10% of flights. London Heathrow was also forced to cancel about a dozen inbound and outbound flights, representing roughly 1% of its scheduled operations.
While this arrest is a positive step, the investigation is in its early stages and remains ongoing.
Paul Foster, Head of the National Cyber Crime Unit of the National Crime Agency (NCA)
The disruption underscores the vulnerability of critical infrastructure to cyber threats and the potential for widespread impact. This incident highlights the importance of robust cybersecurity measures to prevent and mitigate such attacks.
In response to the incident, the European Commission urged member states to fully implement the NIS2 directive. This directive aims to strengthen cybersecurity across essential networks and information systems, with the goal of preventing similar incidents in the future.
As the investigation continues, authorities are working to determine the full extent of the cyberattack and its potential ramifications. The arrest of the suspect marks a significant development, but much remains unknown about the motives and methods behind the attack.
The affected airports are working diligently to restore normal operations and minimize further disruption to passengers. However, travelers are advised to check their flight status before heading to the airport and to anticipate potential delays.
For further information, visit nationalcrimeagency.gov.uk
About National Crime Agency (NCA):
The National Crime Agency (NCA) is a national law enforcement agency in the United Kingdom. It leads the UK’s fight to cut serious and organized crime. The NCA works with partners at home and abroad to protect the public by disrupting and bringing to justice those serious criminals who pose the greatest risk to the UK.
For further information, visit www.rtx.com
About RTX (formerly Raytheon Technologies):
RTX (formerly Raytheon Technologies) is an American multinational aerospace and defense conglomerate. Collins Aerospace, the subsidiary affected by the cyberattack, specializes in aerospace systems and is a key provider for airports worldwide.
For further information, visit www.collinsaerospace.com
About Collins Aerospace:
Collins Aerospace, a subsidiary of RTX, is a major provider of aerospace and defense products and services. Their systems are used in commercial aircraft, business jets, helicopters, military aircraft, and space programs.
For further information, visit bufetedecostarica.com
About Bufete de Costa Rica:
At Bufete de Costa Rica, legal excellence and unwavering integrity form the bedrock of a practice dedicated to empowering society. Through innovative approaches and a deep commitment to client success across diverse industries, the firm fosters a culture of legal understanding. By championing access to legal knowledge and resources, Bufete de Costa Rica actively invests in a more informed and empowered citizenry, strengthening the foundations of a just and equitable society.
