The European airport cyber-attack that unfolded over the weekend of 19-20th September 2025 is an excellent learning opportunity for the aviation industry.
What began as a Friday night ransomware attack on Collins Aerospace’s check-in systems quickly escalated into widespread operational chaos across Europe’s busiest airports, affecting thousands of passengers and exposing critical vulnerabilities in aviation’s digital infrastructure.
Here’s everything we know so far about the incident, plus three key lessons to take away and use to better protect your own business.
What Happened in the European Airport Cyber-attack?
Collins Aerospace, owned by RTX, provides check-in systems across multiple airports globally. When this single point of failure was compromised, the ripple effects were immediate and far-reaching.
Brussels Airport reported having to use only manual check-in procedures, forcing airlines to cancel half of Monday’s scheduled flights. Meanwhile, some passengers faced three-hour waits as staff wrote baggage tabs by hand.
The cause? A cyber-attack targeting Collins Aerospace’s MUSE (Multi-User System Environment) software on Friday night, affecting check-in and boarding systems at major European airports including Brussels Airport, London Heathrow, and Berlin’s Brandenburg Airport.
The European Union Agency for Cybersecurity (ENISA) confirmed the attack was caused by ransomware, with law enforcement now investigating.
The Critical Vulnerability: Third-Party Dependencies
This European airport cyber-attack shows how vulnerable the aviation ecosystem has become to third-party software failures. Aviation operations have become deeply interconnected, with check-in systems disrupted simultaneously across multiple countries through a single vendor compromise.
This creates systemic vulnerabilities that, when exploited, can bring entire networks to a standstill.
Building Aviation Resilience Against Cyber-attacks
Worried stakeholders needn’t panic. You can take concrete steps over the coming weeks to build resilience against similar attacks and enhance your approach to cyber security for aviation companies.
Comprehensive Vendor Risk Assessment
Vendor risk in aviation is becoming too important to simply assume a supplier gives cyber security the same weight as you.
Implement rigorous vendor risk assessment protocols that go beyond basic contractual requirements. This includes regular security audits of critical suppliers, understanding their incident response capabilities, and mapping dependencies to identify potential single points of failure.
Robust Backup Systems and Manual Procedures
The European airport cyber-attack showed that many airports lacked sufficient staff trained in manual check-in procedures, creating bottlenecks that amplified disruption.
Establish clear, comprehensive manual procedures that will enable staff to maintain operations during extended system outages. Regular testing and staff training ensure these procedures are effective in practice, not just on paper.
Strategic Cyber Security Partnerships
Recognise that cyber security isn’t just an IT function but a business continuity imperative. Professional cyber security services can provide any expertise needed to identify vulnerabilities, implement protective measures, and develop comprehensive incident response plans suitable for the aviation industry.
These partnerships become particularly valuable for aviation SMEs that lack in-house cyber security expertise.
Cultural Change and Training
Building resilience requires cultural change that embeds security thinking throughout your aviation operations. It can’t just be a problem for the IT department to deal with. Regular training programmes should ensure all staff understand their roles in maintaining security and operational continuity during disruptions.
The Path Forward
The aviation industry’s response to this European airport cyber-attack will shape its digital resilience for years to come.
Those who learn from this incident and strengthen their cyber security posture will be better prepared for future challenges.
Those who don’t may find themselves losing face, losing passengers, and losing a lot of money.
To ensure your business is in the former group, schedule a free consultation with Intalex today. We’ll take a look at your current IT environment and assess your vulnerability to similar attacks, so you know exactly where to focus your cyber security efforts.
