Pierluigi Paganini
September 20, 2025
A cyber attack on Collins Aerospace disrupted check-in and boarding systems at major European airports, heavily impacting Heathrow, Brussels, and Berlin. The outage caused numerous flight delays and cancellations, forcing manual operations.
Collins Aerospace is a major American company specializing in aviation and defense technologies, and is a subsidiary of RTX (formerly Raytheon Technologies). The company provides advanced systems for commercial, business, and military aircraft, including avionics, interiors, mission systems, and power controls. Collins also delivers integrated solutions for airports, space exploration, and operational efficiency, supporting both passenger safety and complex mission success. The attack has affected Collins’ Muse software
The incident began on Friday night, and the personnel at several airports were forced to switch to manual procedures, leading to long queues and widespread delays. Thousands of passengers were left stranded or waiting for hours.
Collins Aerospace attempted to downplay the severity of the incident.
“We have become aware of a cyber-related disruption to our Muse software in select airports. We are actively working to resolve the issue and restore full functionality to our customers as quickly as possible.” said RTX said in a statement. “The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations. We will share more details as they are available.”
Brussels Airport warned that only manual check-in was available, and that the attack would continue impacting flights through Saturday. Berlin Airport likewise experienced extended waiting times, while Heathrow, urged travelers to check their flight status before heading to the airport.
“A spokesperson for the European Commission said there were currently no indications of a “widespread or severe attack” and that the origin of the incident was still under investigation.” reported Reuters.
“At Heathrow, Berlin and Brussels, 29 departures and arrivals have been cancelled so far, aviation data provider Cirium said. In total, 651 departures were scheduled from Heathrow, 228 from Brussels and 226 from Berlin on Saturday.”
Cybersecurity experts warn that heavy reliance on centralized providers makes critical infrastructure fragile, as shown by the recent airport outage. Services provided by a single company represent a single point of failure. An attack against these services can disrupt multiple sites, creating major ripple effects. Attacks on the aviation sector have surged 600% from 2024 to 2025, exposing the risks of efficiency-driven but vulnerable models.
The attack exposed key weaknesses in digital transport, highlighting how reliance on a single supplier can disrupt aviation. Experts call for stronger security, contingency plans, and vigilance to safeguard travelers and operations.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Collins Aerospace)
Pierluigi Paganini
September 18, 2025
