Ransomware Attack Cripples Check-In Systems at Major European Airports
A wave of cyberattacks has caused widespread disruption across several major European airports, forcing passengers and airlines to revert to manual check-in and boarding procedures.
The incident, confirmed by the EU’s cybersecurity agency (ENISA), was the result of a ransomware attack targeting Collins Aerospace’s “MUSE” system, which provides essential electronic check-in, boarding, and baggage drop services to multiple airports across the continent.
Affected airports included London Heathrow, Berlin Brandenburg, Brussels, and Dublin, where long queues, flight delays, and cancellations left thousands of passengers stranded. Airlines scrambled to adapt by processing passengers manually, slowing down boarding procedures and adding pressure on staff.
ENISA emphasized that the attack did not compromise core aviation safety systems such as flight navigation or air traffic control. However, the disruption highlights the vulnerabilities of third-party service providers, which can serve as critical single points of failure for airports.
While the full scope of the attack is still under investigation, Collins Aerospace has begun rolling out system patches and recovery efforts. European authorities are also assessing whether state-sponsored groups or financially motivated cybercriminals were behind the incident.
This comes amid a surge in cyber threats to aviation infrastructure, including a July 2025 attack on Russia’s Aeroflot airline and recent drone incursions at Scandinavian airports. Experts warn that airports, airlines, and suppliers must strengthen cybersecurity resilience to prevent future large-scale disruptions.