European airports disrupted by supply chain cyberattack

A cyberattack on a provider of check-in and boarding systems caused significant disruptions at several major European airports on Saturday, including London’s Heathrow, the busiest airport on the continent. This incident resulted in numerous flight delays and cancellations, marking yet another instance in a series of cyberattacks targeting various sectors worldwide, from healthcare and defence to retail and automotive industries. The problems stemmed from the MUSE software developed by Collins Aerospace, which services multiple airlines globally. RTX, the parent company of Collins Aerospace, acknowledged a “cyber-related disruption” affecting selected airports, including Heathrow, Brussels, and Berlin. Dublin Airport and Cork Airport also reported minor impacts from the issue. RTX stated that the disruption primarily affected electronic customer check-in and baggage drop processes, but manual check-in operations could mitigate the impact.

As of 1130 GMT, aviation data provider Cirium reported that 29 flight departures and arrivals had been cancelled at Heathrow, Berlin, and Brussels. A total of 651 departures were scheduled from Heathrow, 228 from Brussels, and 226 from Berlin on that day. Officials at Brussels Airport indicated that there had been four flight diversions and delays on most departing flights. To manage the situation, Brussels Airport requested airlines to cancel half of their scheduled departing flights on Sunday to prevent long queues and further cancellations, suggesting that the disruption would persist throughout the weekend. A spokesperson for the European Commission noted that there were no indications of a “widespread or severe attack,” and investigations into the incident’s origin were ongoing. Cybersecurity experts highlighted the fragile nature of the digital ecosystem supporting air travel, emphasising the significant and real threats posed by such cyber incidents.