“Clever cyber attack” behind widespread disruption at European airports
September 20, 2025
London Heathrow, Berlin Brandenburg and Brussels among several major European airports hit by travel chaos following cyberattack.
Passengers at several major European airports face disruptions after a cyberattack targeted a third party provider’s check-in and boarding systems, causing some operations to be taken offline.
Difficult airport operations expected on Saturday 20 September. Check the status of your flight before coming to the airport. More information on our website: https://t.co/CGtagAiP9J pic.twitter.com/LRO8hAIGAL
— Brussels Airport (@BrusselsAirport) September 19, 2025
Collins Aerospace check-in and boarding systems targeted in cyberattack
A statement from London Heathrow Airport said that “Collins Aerospace, which provides check-in and boarding systems for several airlines across multiple airports globally, is experiencing a technical issue.”
Passengers are advised to check their flight status before travelling to the airport, while Collins works to resolve the problem.
Collins Aerospace, which provides check-in and boarding systems for several airlines across multiple airports globally, is experiencing a technical issue that may cause delays for departing passengers.
— Heathrow Airport (@HeathrowAirport) September 20, 2025
While the provider works to resolve the problem quickly, we advise… pic.twitter.com/f68e9CbIlu
RTX, which owns Collins Aerospace, confirmed it had been affected by a cyber-related disruption to its MUSE software in select airports, but hasn’t yet named the affected airports. In a statement, it said it is “actively working to restore full functionality to our customers as quickly as possible. The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations.”
Aviation and travel expert Paul Charles described the incident on Sky News as a “very clever attack because it has affected a number of airlines and airports at the same time.”
Describing Collins as “the world’s biggest defence aviation company,” Charles said he was “surprised and shocked,” by the attack.
“There will be deep concerns that their systems have been tampered with in such a way,” he told Sky News.
While the exact cause or perpetrator behind the attack is yet to be confirmed, Charles said it is “deeply worrying,” especially as Collins supplies the UK and other governments around the world.
This latest cybersecurity threat comes amid a rise in cyberattacks on the aviation industry. So far this year, attacks have ranged from hacktivist-led DDoS campaigns to data breaches affecting millions of passengers. SITA’s 2024 Air Transport IT Insights report shows that enhanced cybersecurity is the top priority of investment for airlines and airports. The investment has primarily focused on creating a security operations centre (SOC), with 87% of airlines reporting an implementation.
Brussels and Berlin Brandenburg airports resort to manual check-in
While Brussels Airport didn’t name Collins, it shared a similar message to London Heathrow saying: “There was a cyberattack on Friday night 19 September against the service provider for the check-in and boarding systems affecting several European airports including Brussels Airport.
This means that at the moment only manual check-in and boarding is possible.” Staff at the Belgian hub resorted to writing luggage tags by hand in an attempt to keep operations running.
It is also advising passengers to only travel to the airport if their flight is confirmed. Early on Saturday morning Brussels Airport revealed that 10 flights had been cancelled and more than 17 flights were experiencing delays of more than one hour.
At Berlin Brandenberg access to systems was completely shut down for security reasons, with the airport reporting “longer waiting times at check-in,” while it works on a “quick solution” to a “technical issue.”
According to aviation anayltics firm, Cirium, there has been a total of 16 departures cancelled so far, across Heathrow (LHR), Berlin (BER) and Brussels (BRU). There have also been 13 arrivals cancelled, across the three airports. It also revealed that on Saturday 20 September there were scheduled to be 651 departures from London Heathrow today, 228 from Brussels and 226 from Berlin.
Did Putin also turn London Heathrow into a cross between Islamabad and Nairobi? pic.twitter.com/zm0Qjze6Jt
— TheEndOfEverything (@EternalEnglish) September 20, 2025
Mere coincidence or targeted strike?
The FBI has warned that the aviation industry is an increasingly attractive target for cyber criminals because of its high value and vulnerability due to the vast amounts of data and reliance on shared systems.
“Aerospace organisations are attractive targets because of their operational complexity and high sensitivity to downtime,” Sam Rubin, SVP, Consulting and Threat Intelligence at Unit 42 for Palo Alto Networks told AGN earlier this year.
“Attackers understand that even brief disruptions can have far-reaching consequences – financial, logistical and reputational. This urgency often pressures companies to act quickly, making them more vulnerable to ransom demands.”
However, it is notable that the timing of this latest attack coincides with recent Russian incursions into NATO territories. Less than a week ago it was confirmed that Collins had been awarded a NATO contract to supply its Electronic Warfare Planning and Battle Management software solution.
Speaking at the announcement of the contract, Ryan Bunge, vice president and general manager for Command, Control, Communications, Computers, Intelligence & Autonomy at Collins Aerospace, said: “We’re equipping commanders with a critical tool to visualise electronic warfare threats and automate the use of jammers and sensors. This system will enhance joint operations’ effectiveness, interoperability, scalability, and resilience.”
Collins Aerospace is expected to collaborate closely with NATO to rigorously test, validate, and integrate the system, significantly boosting NATO’s electromagnetic warfare capabilities and contributing to the collective defence and security of member nations.
