A man has been arrested in connection with a cyber-attack that has caused days of disruption at several major European airports, including Heathrow.
The National Crime Agency (NCA) confirmed that a man in his forties was detained in West Sussex on Tuesday evening on suspicion of offences under the Computer Misuse Act. He has since been released on bail.
The incident has been linked to problems at Collins Aerospace, a US-based company whose baggage and check-in software is used by multiple airlines. The outage has led to hundreds of flight delays, with some passengers checked in manually using pen and paper.
Paul Foster, head of the NCA’s national cyber crime unit, said: “Although this arrest is a positive step, the investigation into this incident is in its early stages and remains ongoing.”
An internal memo seen by the BBC shows that Heathrow staff were briefed on continuing difficulties as Collins Aerospace attempts to restore its systems.
The company is understood to be rebuilding the platform after an unsuccessful attempt to relaunch it on Monday.
Charlotte Wilson, head of enterprise at Check Point Software, said, “The Heathrow arrest shows progress, but this disruption is part of a much bigger picture.
“We are seeing a domino effect in aviation, with aircraft and passengers ending up in the wrong places as systems fail. Airlines are on a war footing, and cyberattacks on critical infrastructure are fast becoming the new norm.
“This is the modern-day bank heist. Whether state-sponsored or driven by organised criminal gangs, the goal is the same: disruption and financial gain. One arrest will not stop this wave.
“The reality is that these attacks are escalating and will not respect borders. The only way to protect aviation is constant vigilance, layered defence, and faster intelligence sharing between governments, airlines, and technology providers. Anything less leaves passengers at risk and global travel exposed.”
