A massive cyber attack struck check-in and boarding systems at major European airports on the night of September 19, 2025, disrupting thousands of passengers. The MUSE system, operated by Collins Aerospace, a subsidiary of RTX Corporation, was the primary target. As a result, airports like Heathrow (London), Brussels (Belgium), and Berlin Brandenburg (Germany) faced chaos, with flight delays lasting hours and long queues clogging terminals. Airport staff resorted to manual processing, slowing down check-in and baggage drop-off. Initial investigations suggest the attack involved ransomware or a DDoS assault, though the perpetrators remain unidentified. The incident raises alarms about the vulnerability of aviation infrastructure to cyber threats, especially amid heightened global geopolitical tensions.
The crisis began around 22:00 UTC on September 19, when automated systems at several major airports went offline. At Heathrow, passengers reported queues stretching up to 500 meters in Terminal 2, with wait times reaching two hours for check-in. In Brussels, over 50% of flights were canceled on the morning of September 20, while Berlin recorded 62 significant delays. Eurocontrol, Europe’s air traffic authority, urged airlines to limit schedules until early Sunday, September 21, to ease pressure. “We ask passengers to check flight status before heading to the airport,” a Brussels Airport spokesperson said in an official statement, as reported by BBC.
Impact on Passengers and Airlines
Passengers faced severe disruptions. Many were stranded, missed connecting flights, or waited hours without clear updates. Social media was flooded with complaints. One X user wrote, “Heathrow is total chaos, no check-in system, insane queues!” Airlines like Lufthansa, Brussels Airlines, and Turkish Airlines reported delays exceeding one hour for key routes to Frankfurt, Vienna, and Istanbul. British Airways, with its backup system, escaped the worst impact. Still, economic losses likely reached millions of euros per hour due to cancellations and delays, according to early estimates from Reuters.
Collins Aerospace confirmed a cyber-related disruption to its MUSE system, used by hundreds of airports globally for automated check-in. “We are working around the clock to restore systems and minimize impact,” an RTX spokesperson said in a press release. Manual processes slowed operations, particularly at busy hubs like Heathrow, which handles over 80 million passengers annually. Passengers were advised to carry physical documents like passports and printed tickets to speed up processing.
Context and Speculation on Perpetrators
This attack adds to a growing list of cyber incidents targeting Europe’s critical infrastructure. In 2022, Dutch and German airports faced DDoS attacks; in 2024, ransomware disrupted baggage systems in Scandinavia. Now, speculation ties this attack to geopolitical tensions, especially after Collins Aerospace’s recent NATO contract for electronic warfare software. On X, some users accused Russia, with comments like “This is Putin’s provocation!” though no official evidence confirms this. ENISA, the EU’s cybersecurity agency, is leading the investigation with national bodies like the UK’s NSA. “We can’t yet confirm the perpetrators, but this was a sophisticated attack,” an ENISA official told The Guardian.
The reliance on third-party systems like MUSE exposes gaps in aviation’s digital supply chain. “Our critical infrastructure depends too heavily on single providers,” cybersecurity analyst Dr. Elena Voss told Olam News. The Ukraine-Russia conflict, coupled with Western sanctions, has driven a 30% rise in state-sponsored cyber attacks on Western targets in 2025, per FireEye reports.
Response and Recovery Efforts
Airport authorities acted swiftly. Heathrow deployed extra staff and asked passengers to arrive three hours early for long-haul flights. Brussels Airport urged travelers to delay trips unless flights were confirmed. Berlin disconnected systems to prevent further spread. The UK government, via Transport Secretary Heidi Alexander, is monitoring the situation and coordinating with NATO.
Partial recovery occurred by noon on September 20, with some check-in kiosks back online. Collins Aerospace estimates full restoration within 24-48 hours. Airlines offered free rebooking and compensation, though passengers complained about poor communication. “We’re stuck with no clarity,” said Anna, a traveler in Brussels, to Al Jazeera.
Building a Resilient System
This incident underscores the urgent need to bolster aviation cybersecurity. Europe’s NIS2 Directive must tighten, with mandatory audits and system redundancies. “We need stronger backup systems,” Voss said. With the holiday season nearing, similar disruptions could cost billions. Passengers should check flight status via airline apps, carry manual documents, and consider travel insurance covering cyber disruptions.
If this attack is part of a broader cyber campaign, other airports may be at risk. Investigations will reveal whether this was a criminal act or state-sponsored. For now, travelers should stay vigilant and monitor official updates from airports or airlines. Read more about cyber threats at Olam News to understand risks in the digital age.
Discover more from Olam News
Subscribe to get the latest posts sent to your email.
