On Tuesday, Croatian officials confirmed that St Jeronim Airport in Split was significantly impacted by a cyberattack earlier in the week. The attack caused severe disruptions to the airport’s operations, with the IT system experiencing major technical difficulties around 7:30 pm on Monday evening. As a result, numerous flights were canceled or delayed, forcing passengers to spend the night at the airport.
Transport Minister Oleg Butkovic identified the incident as a cyberattack and reported that the airport’s IT system was still in the process of recovery. In the meantime, airport staff had to manage operations manually while experts worked intensively to address the issues caused by the attack. Despite the challenging circumstances, authorities chose not to meet the attackers’ demands, opting to handle the situation through technical and operational measures.
Interior Minister Davor Bozinovic described the incident as a “classic ransomware” attack, noting that an international group was behind the operation. The attackers, identified as the Akira group, are linked to the Russian-based Conti ransomware group. This connection points to a potentially sophisticated and organized cybercriminal effort, with the group’s location currently traced to the Eurasian region.
By Tuesday afternoon, the airport managed to resume normal operations, handling around 80 flights and approximately 25,000 passengers. Airport authorities reported no significant delays by early afternoon and continued to work with airlines to find alternative solutions for affected passengers. The incident underscores the increasing threat of cyberattacks on critical infrastructure and the need for robust defenses against such threats.
Reference:
