Travelers across Europe faced chaos this weekend after a cyberattack knocked out Collins Aerospace’s Muse software, the system many airports rely on for check-in and boarding. The outage hit Brussels, Heathrow, and Berlin, forcing staff to go back to manual pen-and-paper processes. The result: long queues, delayed flights, and cancellations that stranded thousands of passengers. The disruption shows how a single IT failure can ripple across global air travel.
As reported by the BBC, the trouble began Saturday when Muse the shared check-in system that allows different airlines to use the same desks and gates went offline. Brussels Airport confirmed the root cause was a cyberattack on Collins Aerospace. The airport warned that half of Monday’s flights would have to be canceled because the system was still down.
Brussels Airport urged passengers not to come unless their flight was confirmed and to check in online where possible. It advised travelers to arrive early and follow updates from official channels.
Heathrow Airport also acknowledged ongoing issues but did not confirm a cyberattack, saying only that “efforts to resolve the issue are ongoing.” By Sunday, about half of the airlines including British Airways were running on backups. Still, FlightAware reported that 47% of Heathrow’s departing flights were delayed Saturday, with knock-on effects continuing into Sunday.
Berlin Airport reported similar delays, with staff manually boarding passengers. Virgin Atlantic noted the disruption but said its flights were still departing.
The attack comes at a busy time for airlines, with passenger numbers peaking during the travel season. Experts say the incident is a stark reminder of how fragile aviation IT systems remain. Collins Aerospace, part of RTX, has not revealed details of the attack or how long full recovery will take but promised to restore a secure version of the software quickly.
Impact and Implications:
Airports and airlines rely heavily on third-party technology like Collins Aerospace’s Muse. When such systems fail, the fallout is immediate: grounded flights, massive costs, and shaken passenger trust. Analysts warn this incident highlights the risks of over-reliance on single vendors.
For airports in the Middle East and Africa many of which are rapidly modernizing this is a wake-up call. A cyberattack on one provider could bring entire hubs to a standstill and disrupt global flight routes.
10 Steps for Security Teams:
- Check Third-Party Security: Regularly assess the cyber resilience of IT suppliers.
- Backups Matter: Test alternative check-in and boarding systems.
- Segment Networks: Limit the spread of attacks across systems.
- Run Cyber Audits: Work with partners like Saintynet Cybersecurity.
- Train Staff: Prepare frontline teams to handle IT outages.
- Use Endpoint Detection: Deploy tools to spot intrusions quickly.
- Plan for Incidents: Build aviation-specific response playbooks.
- Share Intel: Join global and regional aviation cyber networks.
- Add Redundancy: Ensure backups for check-in and boarding platforms.
- Practice with Drills: Simulate real-world cyberattack scenarios.
Conclusion:
The Collins Aerospace attack shows just how fragile modern aviation can be when technology goes dark. From Brussels to Heathrow and Berlin, passengers and airlines alike felt the strain. While Collins scrambles to secure and restore its systems, the wider industry faces a clear message: cybersecurity in aviation isn’t optional it’s mission critical.
