Ransomware Attack Disrupts European Airports for Fourth Day
A major cyberattack targeting Collins Aerospace's check-in and boarding software has caused ongoing disruption across several of Europe’s busiest airports, including Heathrow, Brussels, Berlin, and Dublin. The European Union’s cybersecurity agency ENISA confirmed ransomware was used to cripple the Muse system, forcing airlines to fall back on manual processes. Heathrow's Terminal 4 has been hit hardest, with some flights delayed up to two hours. “The vast majority of flights at Heathrow are operating as normal,” the airport said, but acknowledged longer check-in times.
The issue began on Friday, and while Collins Aerospace says it is “in the final stages of completing necessary software updates,” airports are still facing cancellations and delays. Brussels Airport cancelled over 50 flights on Monday and said it remained “unclear” when full functionality would return. Airlines have been asked to thin out schedules, with passengers urged to check flight statuses and arrive no earlier than three hours for long-haul, or two for short-haul flights. According to an internal memo, over a thousand computers may have been “corrupted,” with some systems rebuilt only to discover hackers were still inside.
Cyberattacks in aviation have spiked by 600% in the past year, and experts warn that over-reliance on third-party tech providers is leaving critical infrastructure exposed. A spokesperson for the UK’s National Cyber Security Centre said it is working with Collins, airports, and law enforcement to assess the situation. Meanwhile, Collins has not disclosed how the breach occurred or whether a ransom was demanded. As one Brussels Airlines statement put it: “Flights could get cancelled or delayed—always check the status of your flight before coming to the airport.”
