Ransomware at the Airport

When major European airports ground to a halt in September 2025, the cause wasn't a storm, strike, or mechanical failure. It was ransomware. Collins Aerospace, which supplies check-in and boarding systems to airports across Europe, was hit by a sophisticated cyberattack that began on Friday night (September 20, 2025). Passenger check-in and baggage systems failed at airports including Heathrow, Brussels, Berlin, and Dublin, forcing them into "manual mode" with paper boarding passes and handwritten luggage tags. Thousands of passengers were left stranded or waiting for hours.

This matters for every New Zealand business. Whether you run an airline, a café, or a SaaS startup, the fundamental rule remains the same: when a supplier suffers a cyber security breach, your business operations may stop too.

What Happened at European Airports

The Collins Aerospace incident, confirmed by the European Union Agency for Cybersecurity (ENISA) as a ransomware attack, demonstrates how quickly critical infrastructure can collapse. The attack began on Friday night, and personnel at several airports were forced to switch to manual procedures, leading to long queues and widespread delays:

• Collins Aerospace's check-in software was encrypted by ransomware attackers, impacting multiple European airports simultaneously

• Check-in kiosks, boarding pass printers, and baggage tag systems were completely disabled

• Heathrow reported delays due to the technical issue affecting Collins' software systems

• Airports fell back on manual processes with staff writing boarding passes by hand and manually checking baggage

• While manual systems partly worked, they created hours of delays and numerous flight cancellations

The attack shut down the cloud back-end for Collins' cMUSE platform, highlighting how cloud-dependent modern airport operations have become.

The attack shows how a cyber security incident affecting one third-party vendor can simultaneously cripple multiple organisations that weren't directly targeted. This is what security experts call a "supply chain attack" where criminals target a supplier to reach multiple victims at once.

Concerns in New Zealand

While New Zealand hasn't experienced an airport ransomware attack of this scale, we've had several technology failures that created similar operational chaos and demonstrate our vulnerability:

Auckland Airport System Failures

Auckland International Airport has experienced multiple significant computer system failures in recent years. In August 2024, a computer system glitch forced check-ins to be suspended for several hours, leaving hundreds of travellers stranded. The airport spokesperson confirmed the check-in system experienced technical difficulties due to an external digital system, showing how dependent we are on third-party technology providers.

More recently, in December 2024, another technology issue hit Auckland Airport's international check-in system, causing significant delays during peak travel season. These weren't cyber-related incidents, but they demonstrate how quickly airport operations can collapse when technology fails.

National Aviation System Vulnerabilities

New Zealand's aviation infrastructure has shown other concerning vulnerabilities:

• Air traffic control system failures: Airways New Zealand has experienced rare but significant faults in its control systems that have disrupted flights across the Tasman, causing aircraft to circle offshore while systems were restored

• CrowdStrike global outage (July 2024): A faulty security software update brought down Windows machines globally, affecting New Zealand airports and creating widespread disruption to check-in systems

And let's not forget the Waikato DHB ransomware attack that crippled hospitals, delayed treatments, and exposed patients' sensitive information on the dark web.

These incidents highlight that business continuity and cyber security are now inseparable concerns. Whether the cause is ransomware, a software misconfiguration, or a faulty security update, the operational result is identical: critical business functions stop working.

Why This Matters More Than Ever

The modern business landscape has fundamentally changed. New Zealand companies are more dependent on digital systems and third-party services than ever before:

The SaaS Dependency Problem

Most New Zealand businesses now rely on Software-as-a-Service (SaaS) platforms for critical functions:

• Retail businesses depend on cloud-based point-of-sale systems

• Professional services use cloud accounting and practice management software

• Hospitality venues rely on online booking and ordering platforms

• Manufacturing companies use cloud-based inventory and production systems

When any of these services go down whether from a cyberattack, system failure, or even a routine maintenance issue, business operations can stop entirely.

The Interconnected Risk

The Collins Aerospace attack demonstrates how interconnected modern business systems are. One company's security failure can cascade across multiple industries and countries within hours. For New Zealand businesses, this means:

• A cyberattack on your payroll provider could prevent you from paying staff

• Ransomware hitting your cloud accounting platform could lock you out of financial records

• An attack on your payment processor could stop customers from making purchases

• A breach at your shipping software provider could halt deliveries

Industry-Specific Considerations

Tourism and Hospitality

New Zealand's tourism industry is particularly vulnerable to cyber attacks because:

• Heavy reliance on online booking platforms and payment systems

• Seasonal cash flow patterns make operational disruptions especially costly

• Customer data includes passport details and payment information attractive to criminals

• Many businesses lack dedicated IT security resources

Agriculture and Primary Industries

Modern farming operations increasingly depend on digital systems:

• Precision agriculture software and IoT devices can be attack vectors

• Supply chain management systems connect farms to processors and distributors

• Financial management platforms contain valuable business intelligence

• GPS and automated systems control expensive machinery

Professional Services

Law firms, accounting practices, and consulting companies face unique risks:

• Client confidentiality requirements mean data breaches have severe reputational consequences

• Billing and time tracking systems are essential for cash flow

• Many firms act as trusted advisors, making them targets for social engineering attacks

• Document management systems contain valuable intellectual property

Building Cyber Security Culture

Technical controls are only part of the solution. New Zealand businesses need to build a culture where cyber security is everyone's responsibility:

Staff Training and Awareness

• Provide regular training on identifying phishing emails and suspicious links

• Create clear policies for using personal devices for work

• Establish protocols for reporting suspected security incidents

• Encourage a blame-free environment where staff feel safe reporting mistakes

Leadership Commitment

• Board and senior management must visibly support cyber security initiatives

• Allocate appropriate budget for security tools and training

• Include cyber security risks in business continuity planning

• Consider cyber security implications in all business decisions

Ongoing Improvement

• Regularly review and update security policies and procedures

• Stay informed about emerging threats relevant to your industry

• Participate in industry cyber security forums and information sharing

• Consider joining business continuity networks for mutual support during incidents

The Collins Aerospace ransomware incident serves as a warning for every New Zealand business, regardless of size or industry. The attack, which ENISA confirmed as ransomware, demonstrates how quickly operations can collapse when third-party systems fail.

In New Zealand, we've already experienced how system failures can disrupt everything from air travel to retail operations. The Auckland Airport incidents in 2024 showed how hundreds of travellers can be stranded when check-in systems fail, even without malicious intent. Add ransomware into this equation, and the stakes become much higher.

The lesson isn't just about preventing cyber attacks, it's about building genuine business resilience. This means understanding your dependencies, testing your fallback plans, and being prepared to operate even when your most critical suppliers fail.

Whether you're managing operations at Auckland Airport or running a café in Tauranga, the fundamental truth remains unchanged: cyber security is business continuity. The companies that understand this distinction and prepare accordingly will be the ones still serving customers when others are dealing with the aftermath of preventable disasters.

Investment in cyber security shouldn't be seen as a cost centre or compliance requirement. It's a strategic business capability that enables you to operate confidently in an increasingly connected world. The question isn't whether supply chain attacks and vendor failures will affect New Zealand businesses, it's whether your business will be ready when they do.

This article was updated in September 2025 to reflect the latest cyber security incidents affecting international and New Zealand infrastructure. For more information on cyber security resources for New Zealand businesses, visit the CERT NZ website.