Cyberattack disrupts operations at European airports including Heathrow, Brussels

Brussels: A cyberattack on a key provider of airline check-in and boarding systems has snarled travel at major European airports, including London Heathrow, forcing staff to process passengers manually and triggering delays and cancellations.

The problems were centred on MUSE software made by Collins Aerospace, which provides systems for several airlines at airports globally.

Brussels Airport said the attack occurred late Friday (Saturday AEST) and was affecting multiple hubs across the continent. It advised passengers to confirm flight status with their carriers before heading to the airport and to allow extra time for check-in.

Collins Aerospace confirmed that a “cyber-related disruption” to its software was causing delays at some airports.

MUSE – short for Multi-Use System Environment – powers electronic check-in, boarding and baggage drop for airlines and airports. The outage prevents passengers from using kiosks or self-service baggage systems, but airlines can still process travellers manually at staffed counters.

“We are actively working to resolve the issue and restore full functionality to our customers as quickly as possible,” the company said in a statement.

So far, the impact on flights has been limited. According to aviation data provider Cirium, 16 departures and 13 arrivals were cancelled on Saturday across London Heathrow, the continent’s busiest airport, Berlin Brandenburg and Brussels airports.

Almost half of those cancellations were at Heathrow, which saw seven departing flights and five arrivals scrapped out of 651 scheduled services. Brussels had 228 departures scheduled for the day and Berlin 226. Dublin and Cork airports said they were facing minor impacts.

Still, the disruption is the latest reminder of how dependent global aviation is on a handful of technology suppliers and how a single failure can ripple through some of Europe’s busiest hubs, stranding travellers and squeezing airlines already operating on tight schedules.

It’s unclear who’s responsible for the latest attack and no organisation has claimed responsibility.

“Details are currently scarce concerning the nature of the attack, but the impact underscores the fragile and interdependent nature of the digital ecosystem underpinning air travel,” said Rafe Pilling, director of threat intelligence for UK-based cybersecurity company Sophos. “The threat is significant and very real.”

Bloomberg, Reuters