There has been major disruption in the last few days at London Heathrow and several other European airports, following a cyber-attack on a critical passenger processing system. The incident has left passengers facing extreme delays, cancelled flights and a return to manual check-in procedures not seen on this scale for years.
On Friday 19th September, hackers targeted Collins Aerospace’s MUSE software, which is the backbone of check-in, boarding and baggage systems at airports across Europe. Several airports across the continent were affected, including Heathrow, Brussels, Berlin Brandenburg and Dublin.
Core flight safety systems were unaffected but the attack had a damaging effect on front-end passenger services. Automated check-in desks, baggage drop machines and boarding systems were forced offline, leaving staff scrambling to keep passengers moving.
"All organisations are urged to make use of the NCSC’s free guidance, services and tools to help reduce the chances of a cyber attack and bolster their resilience in the face of online threats."
The attack caused widespread delays across terminals at Heathrow - though flights continued to operate, many passengers were left waiting hours as staff resorted to manual check-in and handwritten boarding passes.
The disruption continued into the weekend, with long queues stretching across departure halls and a significant proportion of flights leaving way behind schedule. There were visible improvements by Sunday but airlines and ground staff remain under pressure.
Speaking to The Independent, a spokesperson for the National Cyber Security Centre (NCSC) said: "We are working with Collins Aerospace and affected UK airports, alongside Department for Transport and law enforcement colleagues, to fully understand the impact of an incident.
"All organisations are urged to make use of the NCSC’s free guidance, services and tools to help reduce the chances of a cyber attack and bolster their resilience in the face of online threats."
Heathrow wasn’t alone - Brussels Airport reported some of the heaviest disruption, cancelling around half its scheduled departures on Monday. Berlin Brandenburg also struggled to keep flights on time, while Dublin and several other airports across the continent were affected to varying degrees.
ENISA (the EU Cybersecurity Agency) has confirmed that the attack was caused by a third-party ransomware incident. Investigations are ongoing, but no group has yet claimed responsibility.
This incident serves as a reminder of just how dependent global transport has become on digital infrastructure. For the aviation industry, it’s a wake-up call on the risks posed by cyber-attacks on critical, interconnected systems. As airports and airlines work to recover, the question now shifts to prevention: how to build greater resilience into the systems that underpin the world’s busiest transport hubs.
