- Neeve
- Posts
- 💣 Auto Crisis & AI Weaponization
💣 Auto Crisis & AI Weaponization
Everest Gang claims Collins Aerospace breach disrupting Heathrow, Brussels, and Berlin airports
Alison Bridge
October 21, 2025
Welcome to your essential briefing on threats at the intersection of cybersecurity and critical infrastructure, brought to you by Neeve, the edge cloud security platform for smart buildings, making built spaces secure, intelligent, and sustainable.
This Week’s Cyber Insights
🚗 Automotive Sector Faces Catastrophic Cyber Threats
The automotive industry confronts unprecedented cybersecurity challenges following a devastating attack on Jaguar Land Rover, prompting government intervention.
Catastrophic cyberattack on Jaguar Land Rover disrupted operations significantly
Financial losses from the attack estimated in the millions of dollars
Urgent government and industry leader discussions initiated regarding business resilience
High infrastructure impact designation reflects sector-wide vulnerability concerns
Experts emphasize need for comprehensive cybersecurity frameworks and advanced technology investments
🤔 The Bigger Picture:
Automotive manufacturing facilities face similar supply chain and operational technology risks. Critical infrastructure operators should review their business continuity plans and cybersecurity investment priorities.
📡 NIST Updates IoT Security Framework for Product Manufacturers
NIST released the second public draft of foundational cybersecurity activities for IoT product manufacturers, marking a significant update to guidance that shapes how connected devices are secured from design through deployment.
NIST IR 8259 Revision 1 Second Public Draft expands focus on product cybersecurity capabilities and incorporates feedback from 400+ participants across industry, consumer organizations, academia, and federal agencies.
Key revisions include splitting existing activities for clarity, adding new "Activity 0" to establish baseline requirements, and strengthening risk assessment and threat modeling integration.
The framework now includes enhanced references to the NIST Cybersecurity Framework and industry-specific examples to illustrate application across different manufacturing and infrastructure sectors.
NIST added critical clarification on relationships between customer needs, product goals, and cybersecurity capabilities—addressing manufacturer confusion about translating requirements into technical controls.
A worked example demonstrating sequential progression through activities while developing a representative IoT product will be released later this fall, with public comment period closing October 31, 2025.
🤔 The Bigger Picture:
Building automation systems, smart HVAC controllers, and access control platforms are all IoT products that fall under this guidance—facility operators should verify vendor compliance during procurement as this framework shapes the security baseline for every connected device entering your building infrastructure.
✈️ Everest Gang Claims Collins Aerospace Attack That Disrupted EU Airports
A cyberattack on Collins Aerospace disrupted check-in and boarding systems at major European airports including Heathrow, Brussels, and Berlin, with the Everest ransomware gang now claiming responsibility before their leak site mysteriously went offline.
The September attack targeted Collins' Muse software, forcing numerous flight delays and cancellations as airports reverted to manual operations.
Collins Aerospace, a subsidiary of RTX (formerly Raytheon Technologies), provides critical avionics, navigation systems, and flight control solutions for civilian and military aircraft.
The Everest gang's leak site went offline with a "Fatal error" message immediately after claiming the breach, suggesting possible law enforcement takedown or tactical retreat.
The attack exposes critical supply chain vulnerabilities in defense and aviation infrastructure, as Collins designs components for radar systems and communication platforms used in Western military programs.
🤔 The Bigger Picture:
Supply chain attacks on defense contractors cascade through entire aviation ecosystems—airports, airlines, and military clients all depend on these interconnected systems. Facility operators should evaluate critical vendor dependencies and implement segmented architectures that limit lateral movement if a supplier is compromised.
Further Alerts & Insights
⚠️ Former Google CEO Warns AI Systems Can Be Hacked Into Weapons
Eric Schmidt reveals hackers can reverse-engineer AI models to remove safety guardrails, citing the jailbroken ChatGPT variant "DAN" that bypassed all safety rules. Schmidt compared today's AI race to the early nuclear era, calling for a "non-proliferation regime" to prevent rogue actors from exploiting AI systems to learn dangerous behaviors.
🏭 Critical Rockwell Automation Vulnerability in Industrial Control Systems
CISA issued an advisory for a high-severity vulnerability (CVSS 8.7) in Rockwell Automation's FactoryTalk View Machine Edition and PanelView Plus 7 systems, affecting widely-used industrial control interfaces. The vulnerability is remotely exploitable with low attack complexity, requiring immediate attention from organizations using these systems for facility operations and manufacturing control.
🚨 F5 Breach Triggers Government Emergency Response
A significant security breach at F5 has prompted a CISA emergency directive described as a "five-alarm fire," while OpenAI reveals new details about ChatGPT exploitation attempts. The incident highlights the growing intersection of AI and cybersecurity threats, with corporate boards increasingly disclosing AI-related risks.
🎯 Perfect 10.0 CVSS Vulnerabilities Hit Industrial Control Systems
Two maximum-severity vulnerabilities have been discovered in Red Lion Sixnet remote terminal units, potentially allowing attackers to execute arbitrary code with highest privileges. Organizations using these RTUs in critical infrastructure face immediate risk and should apply patches urgently.