European air travel faced its fourth consecutive day of chaos on Monday morning, as a sophisticated cyberattack continued to cripple a critical third-party system responsible for airport check-in and boarding.
The European Union Agency for Cybersecurity confirmed that the widespread disruption was the result of a ransomware attack. Agency spokeswoman, Laura Heuvinck, stated in an interview on Monday that details regarding the incident, including the perpetrators, remained under investigation.
Brussels Airport, seemingly the hardest hit, reported that while ‘the vast majority of flights today can be operated,’ significant cancellations still marred schedules. Airport spokeswoman Ihsane Chioua Lekhli confirmed that at least 40 out of 277 departing flights and 23 of 277 arriving flights in Brussels for Monday had been canceled.
Check-in procedures at the airport remained problematic, and Ms. Lekhli indicated uncertainty regarding the timeline for returning to the normal, automated check-in and boarding systems.
Beyond Brussels, airports in Berlin-Brandenburg, Dublin, and London Heathrow also reported ongoing complications with their check-in and boarding systems due to the cyberattack. Berlin’s airport specified that the attack commenced on Friday evening.
Investigations by Brussels and other impacted airports traced the source of the disruptions to a cyberattack targeting Collins Aerospace, an Iowa-based American company crucial for providing check-in and boarding systems globally.
RTX, Collins Aerospace’s parent company, did not provide a comment on Sunday. However, a Saturday statement from RTX acknowledged the attack’s interference with their airport systems and assured efforts were underway to restore ‘full functionality to our customers as quickly as possible,’ advising airports to implement manual check-in processes as a temporary solution.
Brussels Airport confirmed that its weekend operations were ‘heavily disrupted,’ necessitating a complete shift to manual procedures for all check-ins and boarding.
The full extent of Monday’s disruptions remained unclear, though London’s largest airport, Heathrow, stated via email that ‘the vast majority of flights at Heathrow are operating as normal,’ while acknowledging that ‘check-in and boarding for some flights may take slightly longer than usual.’
RTX’s Saturday statement clarified that the incident specifically impacted its MUSE software, a widely used passenger-processing system supported by Collins Aerospace, serving approximately 300 airlines across 100 airports.
RTX underscored that ‘The impact is limited to electronic customer check-in and baggage drop.’
This incident adds to a growing list of cyberattacks targeting critical infrastructure and major institutions. Previous incidents include a December cyberattack that caused delays for Japan Airlines’ flights and a June ‘hacktivist’ attack on Columbia University, which resulted in a system shutdown and data theft, reportedly for political motives.
Additional reporting was provided by Johnny Diaz.