Cyberattack aralyzes european airports

25-09-25

A recent massive cyberattack on Collins Aerospace’s MUSE system has starkly exposed the deep technological vulnerabilities affecting many airports across the continent. Over the past weekend, the digital infrastructure that supports critical operations such as check-in, boarding pass issuance, and baggage handling was virtually crippled, leading to widespread delays, flight cancellations, and chaos in passenger terminals.

The incident originated from a ransomware operation that targeted the Multi-User System Environment (MUSE), a platform widely used in European airports. Once compromised, it forced affected airports to switch to manual management methods, drastically reducing their capacity to process passengers. The domino effect was immediate: scheduled flights lost synchronization, and many terminals were quickly overwhelmed.

Among the hardest-hit were Brussels Airport, which suffered mass cancellations and severe check-in disruptions; Dublin Airport’s Terminal 2, where operations were heavily limited; Berlin Brandenburg Airport, where waiting times became interminable; and London Heathrow, which, while avoiding a total shutdown, experienced significant delays. Other major hubs such as Frankfurt, Paris Charles de Gaulle, and Zurich reported no direct impact but remain on high alert in case of a copycat attack.

The magnitude of the disruption cannot be underestimated: dozens of European airports rely on the MUSE system, making this intrusion a continent-wide crisis. Hundreds of flights were reportedly canceled or delayed, inconveniencing tens of thousands of passengers. Beyond the economic and logistical fallout, the incident underscores the structural fragility of the current technological model in Europe’s aviation sector.

According to the European Union Agency for Cybersecurity (ENISA), many airports lost a substantial portion of their operating capacity during the critical hours of the attack. In Brussels and Dublin, problems persisted well into the following day, while in Berlin and London operations only began to stabilize slowly, with ripple effects continuing. Airlines have warned that full service restoration may take several more days.

Beyond the immediate consequences, the attack delivers an urgent lesson: the dependence on third-party providers for essential functions without robust backup mechanisms turns passengers into collateral victims of external failures. The lack of technological redundancy—meaning alternative systems ready to activate—creates a scenario where a single cyber intrusion can paralyze multiple facilities simultaneously.

This event opens a critical debate on the digital resilience of European airports. While technological innovation has allowed for automation and more efficient airport processes, it has also created single points of failure. Implementing redundant control systems, segmenting operational networks, and strengthening security protocols have now emerged as key priorities. Airports must reevaluate their dependence on single vendors and significantly bolster defenses against evolving cyber threats.

Equally important is the need for stronger cooperation among EU member states and with international cybersecurity organizations to anticipate and counter attacks of this magnitude. Only through coordinated response plans, regular resilience testing, and mandatory security standards can the risk of future technological crises be reduced.

Ultimately, what occurred over the weekend should serve as a wake-up call. European airports, the backbone of continental connectivity, have shown they are not yet prepared to withstand large-scale cyberattacks. Without swift and decisive action, similar incidents could recur, eroding public confidence and threatening the operational continuity of the aviation sector.

In collaboration with:

This site uses cookies from Google to deliver its services and to analyze traffic. Information about your use of this site is shared with Google. By using this site, you agree to its use of cookies.

Legal notice