A significant cyberattack on a provider of check-in and boarding systems has led to disruptions at several major European airports, including London’s Heathrow, causing numerous flight delays and cancellations. This incident is the latest in a troubling series of cyberattacks impacting various sectors, from healthcare to automotive, raising concerns about the safety and security of crucial infrastructure.
The cyberattack primarily targeted MUSE software developed by Collins Aerospace, which is responsible for managing systems at numerous airports and for various airlines globally. RTX, the parent company of Collins Aerospace, acknowledged a “cyber-related disruption” affecting operations at certain airports but did not specify which ones. Heathrow Airport confirmed that it had been affected, along with Brussels Airport and Berlin Airport. Shortly thereafter, Dublin Airport reported minor impacts, as did Cork Airport.
The operational disturbances centered on electronic customer check-in and baggage drop systems, prompting RTX to indicate that these issues could be mitigated through manual check-in processes. Despite the ongoing investigation into the source of the attack, authorities have indicated that there are no signs suggesting a widespread or severe threat.
As of mid-morning GMT, reports indicated that 29 flights had been canceled across Heathrow, Berlin, and Brussels.
Brussels Airport announced it would request airlines to cancel half of their scheduled departures on Sunday in an effort to manage the situation and prevent prolonged queues. The European Commission stated that investigations were ongoing, and no definitive conclusions about the attack’s nature had been reached. Analysts suggest that such outages may be a result of ransomware attacks, aimed at extorting payments by incapacitating corporate networks.
Cybersecurity experts are emphasizing the fragile interdependencies among digital systems that support air travel. Rafe Pilling, director of threat intelligence at Sophos, pointed out the extensive impact that such incidents can have on various sectors, highlighting the persistent threat of cyberattacks across industries.
In prior incidents, Collins Aerospace has reportedly been targeted by ransom-seeking hackers, although no details about that link to the current incident have been confirmed. Passengers at the affected airports have been advised to check with their airlines before heading to the terminals.
Travelers reported limited information from airport staff about the situation, creating frustrations as they awaited updates. Some airports, like Frankfurt, confirmed they were not impacted. Airlines were assessing the situation, with EasyJet indicating normal operations and minimal expected disruption.
Overall, British transportation minister Heidi Alexander confirmed she was receiving consistent updates, while cybersecurity authorities in both the UK and Germany were engaged with the affected airports to assess and manage the ongoing situation.
