A ransomware attack on check-in systems at Collins Aerospace has led to massive disruptions in major European airports since Friday, with Heathrow, Brussels, Berlin, and Dublin seeing serious delays and cancellations. ENISA, the cybersecurity agency of the European Union, reported on Monday that the chaos of millions of travelers was due to ransomware. The aviation industry has had to contend with the weaknesses of sensitive third-party systems, and airlines have had to revert to manual systems of checking in.
ENISA confirms ransomware attack targeting Collins Aerospace systems
A third-party ransomware attack caused disruptions at several European airports over the weekend, the European Union’s cybersecurity agency said Monday, according to Industrial Cyber. The cyberattack on Collins Aerospace’s MUSE check-in and boarding software disrupted operations at several major European airports over the weekend, causing long queues, delays, and cancellations.
“The type of ransomware has been identified, andย law enforcement is investigating,” the European Union Agency for Cybersecurity (ENISA) reportedly said in a statement. A ransomware attack against Collins Aerospace, a company that provides check-in systems to several airports in Europe, is still causing disruptions across the continent for the fourth day in a row, according to TechCrunch.
Major airports struggle with ongoing operational disruptions
As of this writing, according to FlightRadar24, London’s Heathrow airport has 90% of flights delayed, with an average delay of 29 minutes; Brussels airport has 88% of flights delayed, with an average delay of 43 minutes; Berlin Brandenburg airport hasย 94% of flights delayed, with an average delay of one hour; and Dublin airport has 91% of flights delayed.
Airlines forced to implement manual workarounds amid system failures
Dublin airport’s spokesperson, Graeme McQueen, told TechCrunch in a statement that “there is no timeline at the current time for a fix to be implemented,” as airlines “continue to deploy manual workarounds while work continues to fix the IT issues that have been affecting check-in and boarding systems.” Brussels Airport wrote in a Sunday message that “Disrupted airport operations also on Monday 22 September, causing flight delays and cancellations.”
“The service provider is actively working on the issue and trying to resolve the problem as quickly as possible,” Brussels Airport said in a website post. “At the moment, it is still unclear when the issue will be resolved.” Passengers are advised to check their flight status with their airline before traveling and to come to the airport only if their flight is confirmed.
The aviation sector vulnerability exposed through a supply chain attack
Following news of a cyber incident impacting Collins Aerospace, an NCSC spokesperson said in a Saturday statement, “We are working with Collins Aerospace and affected UK airports, alongside Department for Transport and law enforcement colleagues, to fully understand the impact of an incident.” The spokesperson added that organizations are urged to make use of the NCSC’s free guidance and tools to helpย reduce cyber attack chances.
Critical infrastructure faces mounting cybersecurity challenges
Commenting on the cyberattack, Cody Barrow, CEO at EclecticIQ, wrote that “This attack is a clear reminder of how fragile aviation operations can be when critical systems depend on a handful of third-party providers. By targeting a single vendor, attackers were able to disrupt airports across multiple countries, a textbook example of supply chain risk in action.”
The Collins Aerospace ransomware attack has shown that the networked aviation systems in Europe are highly vulnerable. As airlines are still undertaking manual workarounds, this incident shows the need to address the urgent requirements for resilient cybersecurity and redundancy planning. As the investigations and recovery efforts are underway, the inclusion of cyber defense measures needs to be central to the aviation industry that is fully devoted to the physical safety standards to avoid the occurrence of the disruptive impact in the future.