Chaos in the Skies: Cyberattack on Aviation Tech Giant Disrupts Major European Airports

A major cyberattack targeting a key technology provider for the aviation industry caused widespread disruption across several of Europe's busiest airports this weekend, including London Heathrow, Brussels Zaventem, and Berlin Brandenburg. The attack, which began on Saturday, September 20th, targeted the MUSE (Multi-User System Environment) software from Collins Aerospace, a subsidiary of RTX. This critical system is used by numerous airlines for passenger check-in, boarding pass printing, and baggage handling.The incident forced airports to revert to manual processing, leading to significant delays, flight cancellations, and long queues of frustrated passengers. The attack highlights the increasing vulnerability of the highly digitized and interconnected aviation ecosystem to cyber threats.

The Anatomy of the Attack

The cyberattack specifically targeted the MUSE software, a shared-use platform that allows multiple airlines to utilize the same airport infrastructure, such as check-in desks and boarding gates. This efficiency-driven solution, common in modern airports, also presents a single point of failure. When the system went down, the impact was felt across numerous airlines simultaneously.Collins Aerospace, a leader in technologically advanced solutions for the global aerospace and defense industry, acknowledged a "cyber-related disruption" and has been working to restore services. However, the full nature and origin of the attack have not yet been disclosed. As of Sunday, manual workarounds were still in place at several airports, with recovery efforts ongoing.

Widespread Disruption Across Europe

The impact of the attack was felt most acutely at major European hubs. The following table summarizes the reported effects:

Airport	Reported Impact
Brussels Airport (Zaventem)	45 out of 257 departing flights cancelled on Sunday; delays of 30-90 minutes; Eurocontrol requested airlines to cancel half their flight schedules until Monday morning.
London Heathrow	47% of departing flights delayed on Saturday; British Airways operated normally using a backup system, but most other airlines were affected.
Berlin Brandenburg	12 cancellations on Saturday; delays were generally kept under 45 minutes; passengers were advised to use online or self-service check-in.
Dublin Airport	Some airlines reverted to manual check-in, but the airport expected to operate a full schedule.

The disruption left many passengers stranded. One traveler, Naomi Rowan, who was moving to Costa Rica with her dog, was unable to fly from Heathrow because the manual system could not process her pet. She was forced to rebook for a flight two days later.

A Growing Threat to the Aviation Industry

This incident is not an isolated event but rather a stark example of a rapidly growing trend. The aviation industry has become a prime target for cybercriminals and state-sponsored actors due to its critical role in global commerce and transportation.A recent report from Thales, a global technology leader, revealed a staggering 600% year-on-year increase in ransomware attacks within the aviation sector [1]. The report, published in June 2025, documented 27 major attacks by 22 different ransomware groups between January 2024 and April 2025. The global aviation cybersecurity market is estimated to be worth $5.32 billion in 2025 and is projected to grow significantly as the industry grapples with these escalating threats."The aviation industry has become a digital battlefield with significant economic and geopolitical interests at stake," stated Ivan Fontarensky, CTO for Cyber Detection and Response at Thales. "The sharp increase in the number of attacks calls for a holistic approach to aviation cybersecurity..." [1]

The Path Forward

As airports and airlines work to recover from this weekend's disruption, the incident serves as a critical wake-up call. The reliance on interconnected digital systems, while offering efficiency, also creates vulnerabilities that can be exploited on a massive scale. Governments and industry leaders are now under increased pressure to bolster cybersecurity measures.The UK's National Cyber Security Centre and the European Commission are both actively monitoring the situation and working with the affected parties. The investigation into the source of the attack is ongoing, but the event underscores the urgent need for greater resilience, robust backup systems, and enhanced collaboration to protect the world's aviation infrastructure from the ever-present threat of cyberattacks.