*

Drone sightings disrupted flights at Copenhagen and Oslo

this

week

*

Incidents followed cyberattack affecting Heathrow,

Brussels and

Berlin

*

Hybrid threats test Europe's aviation infrastructure

resilience

*

Upgrading airport tech to counter threats is costly and

slow

By Joanna Plucinska and James Pearson

LONDON, Sept 24 (Reuters) - A hack hitting major

airports across Europe followed by drone incursions in

Copenhagen and Oslo are testing the weak spots of the region's

aviation infrastructure and raising fears about coordinated

attacks leading to increased disruption.

In Denmark, drones halted flights at Copenhagen's main

airport on Monday for several hours, with Danish Prime Minister

Mette Frederiksen linking the incident to a series of suspected

Russian drone incursions and other disruptions across Europe.

That came alongside a separate drone incident in Norwegian

capital Oslo and days after hackers hit check-in systems with a

ransomware attack at airports including London's Heathrow,

Europe's busiest, as well as in Berlin and Brussels.

Investigators are yet to determine who was behind the

disruption, but experts see them as part of a spate of recent

"hybrid threat" incidents in the region to test how countries

manage their critical infrastructure.

"First is to test how the method works. In this case, it

leads to closing down airports," said Jukka Savolainen, network

director at the European Centre of Excellence for Countering

Hybrid Threats. "The second testing point is our reaction."

Russia's ambassador to Denmark, Vladimir Barbin, said in a

statement sent to Reuters that allegations of Russian

involvement were ungrounded. Reuters could not independently

confirm who was behind the drone disruption or the weekend hack.

ATTACKS SHOW VULNERABILITY OF SECTORS SUCH AS AVIATION

The disruptions, though, lay bare how vulnerable the civil

aviation sector's operations can be, with outages down the

supply chain rippling across airports and airline operations,

leading to hundreds of delayed and cancelled flights.

As so-called "hybrid war" threats grow, including drones,

GPS interference and hacks, experts say aviation regulators need

to take more proactive steps to mitigate against risks to

cybersecurity, navigation systems and overall safety.

"This attack shows just how vulnerable highly connected

industries like aviation can be," said Bart Salaets at U.S.

cybersecurity firm F5, speaking about the weekend hack of

Collins Aerospace check-in software.

Analysts and experts Reuters spoke to pointed to an increase

in activity by possible Russian actors across Europe in recent

weeks as an impetus for regulators to offer clearer guidelines

and encourage more action to defend critical infrastructure.

"(Drone activity) is getting worse and in my opinion it

won't stop," said Eric Schouten, director of security

intelligence and aviation advisory firm Dyami.

"Airlines are looking at governments and authorities in

this, airports the same."

Moscow has consistently denied responsibility for any hybrid

attack in Europe.

Europe's air traffic control body Eurocontrol said it was

providing support to local air traffic control and national

authorities to manage the impact of such incidents.

"Operators need to be able to dynamically risk assess their

operations, have plans in place for diverts and risk mitigation

measures," aviation security consultancy Osprey's intelligence

officer Matthew Borie told Reuters.

REGULATORS NEED TO TIGHTEN STANDARDS

The cost and burden of upgrading infrastructure could prevent

airports from moving fast to react, even as security concerns in

civil airspace gain prominence with a war at Europe's eastern

edge after Russia's 2022 full-scale invasion of Ukraine.

Upgrading technology at airports, such as jamming tools,

lasers and trackers, to mitigate risks from hacks and drones can

cost millions of dollars and be a cumbersome process - one that

not all infrastructure operators are willing to undertake

imminently.

Airline trade body IATA also said that anti-drone technology

was still developing and was often beyond an airport's budget.

In the United States, the FAA says that it receives more than

100 reports of drone sightings near airports each month.

Jake Moore, an advisor at ESET, a Slovakian cybersecurity

firm, said that when aviation supply chains were attacked

it created disruption on a global scale.

"Regulators need to tighten standards even more for critical

aviation IT suppliers," he said.

"Whether this was a deliberate disruption attack, a

financially motivated ransom or a major technical failure, the

impact demonstrates how fragile such systems can be in a

digitally focused world."

(Additional reporting by Lisa Barrington and Gwladys Fouche;

Editing by Adam Jourdan and Alex Richardson)