What do we know about the cyberattacks that hit Europe's airports?

A cyberattack has caused disruptions at several airports for the second day on Sunday after hackers targeted check-in technology company Collins Aerospace.

Heathrow Airport in the United Kingdom, as well as airports in Berlin and Brussels, were affected. 

Brussels Airport said that it expected heavy disruptions and flight cancellations on Sunday as a result. 

This is everything we know about the incident. 

What happened?

Collins Aerospace, which provides the check-in and boarding systems for some airlines, was impacted. 

RTX, the parent company of Collins Aerospace, said it was aware of a “cyber-related disruption” to its MUSE software, according to Reuters.

“The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations,” RTX added. The company said that it was looking to resolve the issue as soon as possible.

The airports were hit late on Friday by disruptions to electronic systems that snarled check-in and sent airline staffers scrambling for options, such as handwriting boarding passes or using backup laptops, AP reported.

Which airports are affected?

On Saturday, 35 departures and 25 arrivals were cancelled. Brussels saw the highest number of flight cancellations, at 15, aviation analytics provider Cirium told CNBC. Flights were also cancelled on Sunday. 

‘Attractive target’

Transportation and logistics have consistently ranked among the world’s top ten most attacked industries.

“The aviation industry has become an increasingly attractive target for cybercriminals because of its heavy reliance on shared digital systems,” Charlotte Wilson, head of enterprise at cybersecurity firm Check Point, told Euronews Next.

“These attacks often strike through the supply chain, exploiting third-party platforms that are used by multiple airlines and airports at once. When one vendor is compromised, the ripple effect can be immediate and far-reaching, causing widespread disruption across borders,” she added. 

She advised that aviation can build resilience by applying a layered approach: rigorously patching and updating software to close vulnerabilities, continuously monitoring for unusual activity that could indicate an intrusion, and implementing clear, well-tested backup systems that ensure airports and airlines can keep operating even if critical digital tools are knocked offline.

However, she said, “this challenge cannot be addressed in isolation” and advised better information-sharing between governments, airlines, and technology providers so that when one country reports an attack, the faster others can take action to contain it.

“Cybercriminals are exploiting every weak link in this highly connected ecosystem. Unless the sector treats cybersecurity as a matter of operational continuity and passenger safety, not just IT, the risk of large-scale disruption will continue to rise,” Wilson said.