European Airports Grapple with Aftermath of Cyberattack: Flight Delays and Cancellations Continue
Several European airports, including Brussels Airport, Heathrow, and Dublin Airport, are still experiencing significant disruption following a cyberattack that targeted check-in and boarding systems. The attack, which occurred on Friday, has resulted in numerous flight cancellations and delays, causing travel chaos for thousands of passengers.
Ongoing Disruptions and Airport Responses
Brussels Airport has been particularly affected, with airlines asked to cancel almost half of their scheduled departures on Monday. Nearly 140 out of 276 outbound flights were scrapped. Airports in Berlin and Dublin are also working to restore normal operations, but travelers are warned to expect continued delays. Heathrow, while reporting that most flights are operating normally, advises passengers to allow extra time for check-in and boarding.
A spokesperson for Heathrow stated, 'We encourage passengers to check the status of their flight before travelling to Heathrow and to arrive no earlier than three hours for long-haul flights and two hours for short-haul.'
At Berlin Airport, manual boarding procedures are still in place for some airlines. A spokesperson for BER indicated that significant waiting times and delays exceeding an hour are expected for some departures on Monday, due to increased traffic from marathon runners returning home.
Dublin Airport experienced the cancellation of 13 flights by midday on Sunday. While Terminal 1 is operating normally, some airlines in Terminal 2 are still using manual processes for bag tags and boarding passes, leading to delays.
The Cyberattack and Its Target
The cyberattack targeted Collins Aerospace, a provider of check-in and boarding systems, which is owned by RTX (RTX.N). The affected software, known as MUSE (multi-user system environment), is used by airlines globally for automated check-ins and boarding. This incident forced airports to manually process thousands of passengers, leading to significant delays.
Collins Aerospace said it is in the final stages of completing necessary software updates and actively working to resolve the issue and restore full functionality. They clarified that the impact is limited to electronic check-in and baggage drop, which can be mitigated through manual operations.
Investigations and Potential Actors
The National Cyber Security Centre (NCSC) is working with Collins Aerospace, affected UK airports, the Department for Transport, and law enforcement to fully understand the attack's impact. Some experts have pointed to groups linked to Russia as potential perpetrators, noting that the attack occurred shortly after Russian jets breached NATO airspace.
One former British military intelligence officer stated that the cyberattack has 'all the hallmarks' of being Russian-related, particularly given Collins Aerospace is a major supplier to the Ukrainian military.
Broader Implications and Industry Response
The European Commission is monitoring the situation and stated that there are no signs of the cyberattack being 'widespread or severe'. However, the incident highlights the vulnerabilities of interconnected systems in the aviation industry. A report by French aerospace company Thales indicated a 600% increase in cyber attacks on the aviation sector between 2024 and 2025.
RTX said, 'We have become aware of a cyber-related disruption to our Muse software in select airports...We are actively working to resolve the issue and restore full functionality to our customers as quickly as possible.'
Aviation expert Anita Mendiratta emphasized that the disruption was 'caused to a software not a specific airport' and urged efforts to 'contain the contagion'.
| Affected Airport | Current Status | Expected Delays |
|---|---|---|
| Brussels Airport | Significant disruptions; airlines asked to cancel flights | More than an hour for some departures |
| Heathrow | Vast majority of flights operating normally | Possible longer check-in and boarding times |
| Berlin Airport | Manual boarding in place for some airlines | Significant waiting times and delays exceeding an hour expected |
| Dublin Airport | Terminal 1 operating normally; Terminal 2 facing delays | Potential longer check-in times in Terminal 2 |
The cyberattack serves as a stark reminder of the growing threat to critical infrastructure and the need for robust cybersecurity measures in the aviation industry. Passengers are advised to check their flight status with their airline and arrive at the airport well in advance of their scheduled departure.
