Major cyber attack causes delays at several European airports

A major cyber attack targeting a key aviation service provider has caused widespread disruption across Europe, leading to hundreds of flight delays and cancellations at major hubs including Heathrow, Brussels, and Berlin.

The incident, which left electronic check-in and boarding systems inoperable, highlights the vulnerability of the interconnected global aviation industry.

The attack, which began on Friday night, targeted Collins Aerospace, a leading American aviation and defence company. The company’s Muse software – a passenger processing system used by numerous airlines at various airports –  was hit by a “cyber-related disruption.”

This software allows multiple airlines to use the same check-in and boarding facilities, meaning an attack on a single vendor had a ripple effect across the continent.

While some airlines like British Airways were able to switch to a backup system, most other carriers at Heathrow were affected, forcing airports to revert to manual check-in and baggage procedures.

The immediate fallout has been significant. At Heathrow, over 300 flights were delayed, and eight were cancelled. Brussels Airport reported 14 cancellations, and Eurocontrol, Europe’s combined aviation safety organisation, said airline operators had been asked to cancel half their flight schedules to and from Brussels between 04:00 GMT on Saturday and 02:00 on Monday due to the disruption.

Dublin and Cork airports also experienced a “minor impact.” Passengers have reported multi-hour queues and missed connections. One traveller, Monazza Aslam, expressed her frustration at being stuck on the tarmac for over an hour, while another, Johnny Lal, shared the emotional toll of missing his mother-in-law’s funeral flight, made worse by the airport’s inability to provide a mobility scooter for his elderly mother due to the system failures.

While the problems caused by the attack are clear, the identity of those behind it remains a mystery. Some cybersecurity experts and analysts have been quick to dismiss accusations of Kremlin-sponsored hackers. Instead, they suggest the attack bears the hallmarks of a criminal gang seeking extortion.

Such groups, often based in Russia or former Soviet countries, have made millions from ransomware and data theft. However, Collins Aerospace has not yet commented on the nature or origin of the hack, and without further details, it is impossible to name the perpetrators definitively.

Charlotte Wilson, from cybersecurity firm Check Point, said the aviation industry has become “an increasingly attractive target” for cybercriminals due to its reliance on shared systems.

“These attacks often strike through the supply chain, exploiting third-party platforms that are used by multiple airlines and airports at once.

“When one vendor is compromised, the ripple effect can be immediate and far-reaching, causing widespread disruption across borders.”

The incident serves as a stark reminder of how a single digital flaw can bring a critical global industry to a standstill.