Cyberattack Cripples European Airports as Brussels Cancels Half of Monday’s Flights

Key Highlights –

• Hackers attacked the MUSE software of Collins Aerospace on Friday, causing problems in London Heathrow, Berlin, and Brussels airports.
• Airports have requested the cancellation of almost 140 of the 276 scheduled departures on Monday owing to still-resolving system issues.
• Heathrow and Berlin Airports are beginning to show improvements with manual processes in place, while Brussels is still under duress.
• The number of cyberattacks on aviation has increased by 600% in the last year, showing the vulnerability of the sector.

Touted as one of the worst cyber-related disruption processes that Europe has ever faced in recent times, major airports are still reeling from the aftermath of the attack on Friday against crucial check-in systems. Brussels Airport remains the worst hit, with the airports themselves requesting cancellation by airlines of almost half of the scheduled departures on Monday. In the meantime, the Collins Aerospace software provider struggles with delivering a secure system update.

The Attack and Its Immediate Impact

The cyberattack specifically targeted Collins Aerospace’s MUSE software, a critical system used by multiple airlines for check-in and boarding operations. Collins Aerospace, owned by defence contractor RTX, provides these services to some of Europe’s busiest hubs, making the attack particularly devastating in scope.

London Heathrow, Europe’s busiest airport, Berlin Brandenburg Airport, and Brussels Airport bore the brunt of the initial hit. Passengers faced chaotic scenes on Saturday as automated systems failed, forming long queues, and airlines decided to perform manual check-in if and wherever possible.

By Sunday, recovery efforts showed mixed results. Aviation data provider Cirium reported Heathrow experiencing “low” delays, Berlin facing “moderate” disruption, while Brussels continued to struggle with “significant” delays. The disparity suggests varying degrees of system complexity and backup infrastructure across the affected airports.

An Extended Crisis for Brussels

Brussels Airport’s situation deteriorated Monday morning when Collins Aerospace failed to deliver the promised secure software update. The airport’s spokesperson confirmed the service provider was “actively working on the issue” but couldn’t provide a timeline for resolution, forcing the unprecedented request to cancel 140 of Monday’s 276 scheduled outbound flights.

The disruption in Brussels, accounting for nearly 50% of departures planned, is thus one of the largest cyber-related aviation disruptions in European history. On Sunday, 50 flights were cancelled from 257 scheduled departures, while 25 flights were cancelled from 234 scheduled departures on Saturday.

Recovery Efforts and Mitigations

Despite the strong challenges, several mitigation measures were put in place by the affected airports. Heathrow stated the “vast majority of flights have continued to operate,” with backup systems revived by Sunday for half of the airlines. British Airways, one of the major operators at Heathrow, installed the backup systems on Saturday.

Berlin Brandenburg Airport confirmed the manual workarounds were still in place, with some airlines continuing to board passengers manually. Departure delays, which persisted as of Sunday, were reported by the airport to be “in line with a normal operating day”.

Collins Aerospace said in a statement released on Monday that it was “in the final stages of completing the updates needed to restore full functionality” at the four airports and airline customers affected.

What to Do If Your Flight Gets Cancelled

Passengers affected by a disruption should know their rights under the Union laws. It acts under EU 261 regulations, which provide passenger rights to compensation for cancelled flights unless such cancellation is due to circumstances beyond the control of the air carrier, commonly referred to as “extraordinary circumstances”. 

In cases of cancellation of a flight, the air carriers must provide alternative booking or transportation services under the law. Passengers should also get food and refreshments, along with accommodation if they need an overnight stay. However, the issue remains legally unsettled when it comes to the meaning of “extraordinary circumstances” in cases of cybersecurity incidents.

Travelers should directly contact their airlines for rebooking options and list all expenses to claim reimbursement. Depending on the wording of policies, travel insurance may also provide coverage.

You may also like to read: Anthropic Refuses Federal Agencies to Use Claude for Spying on Citizens

Wider Security Ramifications

The French aerospace company Thales said cyberattacks in aviation have increased sixfold in the past year, highlighting the increasing vulnerability of this industry toward digital threats. Because today’s aviation systems are interconnected, single-point failures can simultaneously cascade across airports and airlines. 

Regional cybersecurity authorities are investigating the source of the threat, while the National Cybersecurity Center of the United Kingdom confirmed that it was collaborating with Collins Aerospace, the affected airports, and law enforcement agencies.

The European Commission, given responsibility for continental airspace management, said the situation was contained with no indication that the attack had been “widespread or severe” beyond the affected airports. While normal operations are gradually returning to most affected airports, Brussels Airport’s ongoing struggles highlight the complex challenges of securing and rapidly restoring critical aviation systems in an increasingly connected world.