A sophisticated ransomware cyberattack targeting aerospace technology provider Collins Aerospace caused major disruptions at major European airports this past weekend, leading to widespread flight delays and cancellations. The incident, which began late on Friday, September 19, 2025, crippled critical check-in and baggage handling systems, forcing airport staff to revert to manual processes.
The airports affected included some of Europe's busiest hubs, such as London Heathrow, Brussels, Berlin, and Dublin. Brussels Airport was the worst affected, with authorities asking airlines to cancel nearly 140 departing flights on Monday. The airport also reported 60 cancellations on Monday. In Dublin, 13 flights were cancelled by noon on Sunday. Staff were forced to manually issue boarding passes and bag tags, causing long queues and frustration for travelers.
The attack targeted Collins Aerospace's MUSE (Multi-User System Environment) software, a platform widely used for passenger processing. Collins Aerospace is a subsidiary of RTX, a US aerospace and defense giant. Parent company RTX acknowledged a 'cyber-related disruption,' stating the impact was limited to electronic check-in and baggage drop and could be mitigated with manual operations.
The European Union Agency for Cybersecurity (ENISA) confirmed the incident was a ransomware attack. Cybersecurity researchers believe the attack involved a variant of HardBit ransomware, which first emerged in October 2022. It was reported that Collins Aerospace had difficulty removing the malware, with devices becoming reinfected after cleanup attempts. In a significant development, the UK's National Crime Agency arrested a man in his 40s in West Sussex in connection with the attack; he was later released on conditional bail.
The incident highlights the growing vulnerability of critical infrastructure, like aviation, to cyberattacks. Attacks on aviation systems can have ripple effects on national economies and public safety. This supply-chain attack, where a single vendor compromise affects many customers, serves as a stark reminder of the risks. As one expert noted, "a single failure in check-in or baggage handling doesn't just create queues – it has a domino effect on flight schedules, connections, and even crew availability." As authorities continue their investigation, the aviation industry is left to reconsider its cybersecurity measures to prevent future disruptions.