A significant cyberattack targeting check-in and boarding systems has recently disrupted air traffic, causing delays across several major European airports, including Brussels, Berlin’s Brandenburg, and London’s Heathrow. Officials have confirmed that while the initial impact was extensive, it seemed to be manageable and primarily localized to specific systems.
The incident, occurring on Friday night, involved a cyberattack on the service provider responsible for check-in and boarding systems. Brussels Airport reported a “large impact” on flight schedules, stating that airlines were only able to facilitate manual check-in and boarding processes temporarily. Other airports, while experiencing some disruption, indicated their operations remained largely unaffected.
Collins Aerospace, the affected service provider, acknowledged a “cyber-related disruption” to its MUSE (Multi-User System Environment) software, which is crucial for passenger check-in, printing boarding passes, and managing checked luggage at various kiosks. This breach seems to illustrate the vulnerabilities within the aviation sector, particularly as it operates on shared digital platforms.
Travel analyst Paul Charles described the event as “deeply worrying,” emphasizing the sophistication of the attack. He noted that such a breach affecting multiple airlines and airports highlights significant vulnerabilities in systems typically safeguarded by robust security measures. The incident underscored the interconnected nature of the industry where a single compromise can influence numerous entities simultaneously.
As the day progressed, the fallout from the cyber incident appeared to stabilize. By mid-morning, nine flights had been canceled at Brussels Airport, four were redirected, and multiple others faced delays exceeding one hour. At Brandenburg Airport, no cancellations had been reported by late morning, although officials cautioned that the situation could change depending on developments with the affected systems. Heathrow, Europe’s busiest airport, reported minimal disruption, with no cancellations attributed directly to the cyberattack.
Passengers expressed frustration, particularly at Heathrow, as staff shortages rendered traditional check-in processes slow and cumbersome. One traveler recounted a three-hour wait at baggage check-in, highlighting the operational challenges and inconvenience posed by the manual processes necessitated by the cyberattack.
Collins Aerospace, a subsidiary of RTX Corp. (formerly Raytheon Technologies), stated it is actively working to resolve the issue and restore full functionality. The company reassured customers that the situation could be managed with manual operations, which mitigated some immediate impacts.
Cybersecurity experts pointed out the increasing attractiveness of the aviation sector to cybercriminals. They noted that attacks often exploit vulnerabilities through third-party platforms shared by multiple airlines and airports. This interconnectedness means that a compromise affecting one vendor can ripple out to disrupt operations across borders and systems.
While it remains unclear who orchestrated the attack, experts are analyzing the nature of the breach. Some observations suggest it might resemble vandalism rather than traditional extortion, although further information will be critical to understanding the motives behind the attack. The ongoing investigation aims to uncover potential clues and prevent similar incidents in the future.
