The European Union Agency for Cybersecurity (ENISA) has confirmed that a ransomware cyberattack disrupted airport check-in systems across Europe, causing widespread flight delays and cancellations. The attack targeted software used by several major airports, forcing staff to rely on manual check-in and boarding processes.
Ransomware Attack Hits Major European Airports
On Friday, hackers compromised the systems of Collins Aerospace, the U.S.-based software provider behind the popular Muse check-in platform. The attack led to disruptions at London Heathrow Airport, Berlin Airport, and Brussels Airport, among others.
ENISA told Reuters and the BBC that the ransomware scrambled automated systems, forcing airlines to adopt manual workarounds while investigations are ongoing. Law enforcement agencies are now involved in tracing the cybercriminal group responsible.
Impact on Airlines and Passengers
The disruption has affected thousands of passengers, with many experiencing long delays, missed connections, and last-minute cancellations. Internal crisis communications at Heathrow Airport revealed that over 1,000 computers may have been compromised, making recovery efforts slow and complex.
By Sunday, about half of Heathrow’s airlines, including British Airways, had managed to get back online using backup systems. However, Brussels Airport was forced to cancel nearly 140 outbound flights, and delays persisted in Berlin.
Officials at Heathrow apologized for the disruption, stressing that “the vast majority of flights have continued to operate” while urging passengers to check their flight status before traveling.
Collins Aerospace Response
Collins Aerospace, part of Raytheon Technologies, confirmed it was still dealing with the cyber incident. The company admitted that after initially rebuilding its systems, hackers were still inside the network. Staff were instructed not to log out or turn off affected computers while urgent software patches and security updates were being deployed.
The attack highlights growing concerns over aviation cybersecurity risks. Cyberattacks on the aviation industry have reportedly increased by 600% in the past year, according to a study by French aerospace company Thales.
Ransomware Threats in Aviation and Beyond
Ransomware is a preferred method of attack for criminal gangs seeking to extort payments in cryptocurrency like Bitcoin. In April, UK retailer Marks & Spencer faced a major ransomware incident that cost nearly £400 million in recovery expenses and prolonged business disruption.
The UK’s National Cyber Security Centre (NCSC) is now working with Collins Aerospace, impacted airports, the Department for Transport, and law enforcement to assess the full extent of the attack.
This incident underscores the vulnerability of critical infrastructure such as airports and airlines to cyberattacks. With growing dependence on digital systems for air travel operations, experts warn that both governments and private companies must strengthen cyber defense strategies against ransomware and other evolving threats.
