Airport disruptions across Europe that began over the weekend were caused by a ransomware attack, according to the European Union’s cybersecurity agency ENISA on Monday. The agency confirmed it was aware of the ongoing disruption of airport operations, which was caused by a third-party ransomware incident. ENISA stated it could not share further information regarding the cyberattack at that moment.
The ransomware attack targeted Collins Aerospace, a company that provides check-in systems to several airports, including those in Berlin, Brussels, and London’s Heathrow. The company said it was working with affected airports to restore services.
Reports from Saturday indicated that the software targeted was the company’s passenger processing system called MUSE. This system allows multiple airlines to share check-in desks and boarding gate positions at an airport rather than having their own dedicated infrastructure. Collins Aerospace, which is owned by defense contractor RTX, did not immediately respond to requests for comment.
It remains unclear who is behind the cyberattack. The incident has caused significant disruptions to check-in processes, resulting in flight delays and cancellations since Friday night.