A ransomware attack targeting Collins Aerospace’s Muse software has caused significant disruptions at several of Europe’s busiest airports since Friday.
The malicious software scrambled automated check-in and boarding systems, forcing airlines to resort to manual processes.
The European Union Agency for Cybersecurity (ENISA) confirmed the attack on Monday, noting that law enforcement is investigating the incident.
The attack has affected airports including London Heathrow, Brussels, and Berlin, with recovery efforts ongoing.
Airports across Europe are grappling with the aftermath of the cyberattack.
Heathrow, one of the busiest hubs, reported that about half of its airlines, including British Airways, were using backup systems by Sunday.
However, manual check-in processes have led to delays and cancellations.
Brussels Airport canceled nearly 140 of its 276 scheduled outbound flights on Monday, while Berlin Airport, strained by increased traffic from the Berlin Marathon, reported delays exceeding an hour as manual boarding persists.
Collins Aerospace, the targeted software provider, is in the final stages of implementing software updates to restore functionality.
An internal memo from Heathrow revealed that over a thousand computers may have been corrupted, requiring in-person repairs.
The memo also noted that hackers remained in the system after initial recovery attempts.
The UK’s National Cyber Security Centre is collaborating with Collins Aerospace, affected airports, and law enforcement to assess the impact.
The aviation sector has seen a 600% increase in cyberattacks over the past year, highlighting the growing threat to critical infrastructure.