News Flash

Cyberattack on European airports: crime or hybrid warfare

Muse software outage exposes fragility of the digital supply chain

Cyberattack on European

14 October 2025

Table of contents

  • Chaos in major hubs
  • Muse software targeted
  • Attack origins uncertain
  • Collins Aerospace under the spotlight
  • NIS2 directive: Europe’s answer

Chaos in major hubs

A cyberattack against US-based Collins Aerospace disrupted check-in and boarding systems at major airports in Brussels, London Heathrow, Berlin, and, to a lesser extent, Dublin. Italy was largely spared, with only minor delays in Rome Fiumicino and Ciampino.

Brussels canceled 44 out of 257 flights, while Eurocontrol asked Heathrow operators to cut capacity by half over the weekend. Manual check-in procedures proved insufficient to handle passenger volumes, prolonging delays.

Muse software targeted

The attack focused on Muse, a platform allowing airlines to share check-in counters and boarding gates. According to parent company RTX Corporation, the disruption was limited to electronic check-in and bag-drop services.

While British Airways switched to a backup system, most other carriers were severely affected. The incident highlights the risks of third-party dependency in critical infrastructure.

Attack origins uncertain

No group has claimed responsibility so far. Experts suspect a ransomware attack, but state-sponsored actors remain a possibility. Analysts warn this could be either cybercrime driven by profit or an episode of hybrid warfare.

As Graeme Stewart of Check Point noted, ripple effects may take days to subside.

Collins Aerospace under the spotlight

Created in 2018 through the merger of Rockwell Collins and UTC Aerospace Systems, Collins Aerospace is an RTX subsidiary employing 80,000 people worldwide, with $28.3 billion in 2024 sales. It serves commercial aviation, defense, and space markets.

The incident underscores how attacks on large industrial players can trigger systemic disruptions across global aviation.

NIS2 directive: Europe’s answer

The event highlights the vulnerability of the digital supply chain and the importance of the NIS2 directive, which requires critical infrastructures to:

  • ensure operational continuity,
  • adopt effective mitigation measures,
  • strengthen cyber security protocols.

The lesson is clear: without shared resilience, one compromised supplier can jeopardize the stability of an entire industry.

2
To top