Aerospace Cyberattack Disrupts Major European Airports

Aviation cyberattack on Collins Aerospace software forces three major European airports to revert to manual check-in systems

Key Takeaways

• Major European airports disrupted as cyberattack on Collins Aerospace’s Muse software forces manual operations at Heathrow, Brussels, and Berlin, causing flight cancellations and extended delays for thousands of passengers.
• Brussels Airport cancels half of flights between Saturday and Monday due to the attack, while 29 total departures and arrivals were canceled across the three major hubs affected by the security breach.
• Aviation cyberattacks surge 600% from 2024 to 2025 according to Thales report, highlighting critical vulnerabilities in airport technology infrastructure as digital transformation accelerates across the industry.

Introduction

A sophisticated cyberattack on Collins Aerospace has crippled passenger handling systems across major European airports, forcing thousands of travelers into manual check-in procedures and triggering widespread flight disruptions. The attack targeted Collins’ Muse software platform, which powers self-service kiosks and baggage systems at airports including London Heathrow, Brussels, and Berlin.

The incident exposes critical vulnerabilities in aviation infrastructure as airports increasingly rely on integrated digital systems. Collins Aerospace, a subsidiary of RTX Corporation, provides passenger handling technology to 170 airports globally, making the breach’s impact both immediate and far-reaching across European air travel networks.

Key Developments

The cyberattack commenced Friday night, immediately disabling electronic check-in and baggage drop systems across multiple European hubs. Airport personnel scrambled to implement manual procedures as digital kiosks and automated systems went offline simultaneously.

Brussels Airport experienced the most severe impact, with authorities requesting airlines cancel half their scheduled flights between Saturday 0400 GMT and Monday 0200 GMT. The airport reported 14 flight cancellations, four diversions, and 15 delays exceeding one hour by mid-morning Saturday.

Berlin Airport acknowledged “longer waiting times at check-in” due to the technical disruption, while maintaining that no flights were directly canceled. Heathrow characterized its disruption as “minimal” with no direct flight cancellations, though passengers reported 10-hour delays and chaotic conditions in terminals.

Market Impact

RTX Corporation, Collins Aerospace’s parent company, maintains strong financial fundamentals despite the security breach. The company reported Q2 2025 sales of $7.6 billion, representing 9% year-over-year growth driven by commercial aftermarket and defense segments.

Aviation data provider Cirium confirms 29 total departure and arrival cancellations across the three primary affected airports. This represents a fraction of planned Saturday operations: 651 departures from Heathrow, 228 from Brussels, and 226 from Berlin.

The incident creates immediate financial pressures including incident response costs, system restoration expenses, and potential contractual penalties. Longer-term reputational risks could affect Collins Aerospace’s competitive position in the airport technology market, where trust and reliability drive customer decisions.

Strategic Insights

The attack demonstrates dangerous concentration risk in aviation technology infrastructure. Collins Aerospace’s presence across 170 airports globally creates systemic vulnerabilities where single-vendor dependencies can trigger widespread operational failures.

Digital transformation initiatives across aviation now face heightened scrutiny as operators balance efficiency gains against cybersecurity risks. The incident validates concerns about third-party technology providers becoming attractive targets for sophisticated threat actors seeking maximum disruption impact.

Airlines and airports will likely accelerate cybersecurity investments and diversify technology vendor relationships. Regulatory authorities are expected to impose stricter security requirements on technology providers serving critical transportation infrastructure.

Expert Opinions and Data

Travel analyst Paul Charles expressed alarm at the breach’s impact on Collins Aerospace systems. “It’s deeply worrying that a company of that stature who normally have such resilient systems in place have been affected,” he said.

Charlotte Wilson, head of enterprise at cybersecurity firm Check Point, highlighted the cascading nature of vendor-based attacks. “When one vendor is compromised, the ripple effect can be immediate and far-reaching,” she explained, emphasizing how third-party platforms amplify security risks across multiple clients.

French aerospace company Thales released data showing aviation cyberattacks increased 600 percent from 2024 to 2025, underscoring the sector’s growing vulnerability. Politico reported that Collins specializes in aviation and defense technologies, supplying advanced systems for commercial and military aircraft.

The National Cyber Security Centre confirmed it is investigating the incident alongside Collins Aerospace, affected airports, and the Department for Transport to assess the full scope and impact of the breach.

Conclusion

Collins Aerospace works to restore full functionality to affected systems while airports maintain manual operations and warn passengers of continued disruptions. The company states the impact remains confined to electronic check-in and baggage drop services, though operational strain continues across European hubs.

The incident reinforces aviation industry vulnerabilities as digital integration accelerates without commensurate cybersecurity investments. Technology vendors serving critical infrastructure face increased scrutiny and regulatory oversight as single points of failure create systemic operational risks across global transportation networks.