BERLIN
The European Union’s cybersecurity agency ENISA confirmed that recent disruptions at several major European airports were caused by a ransomware attack targeting automated check-in systems provided by Collins Aerospace, an RTX-owned company. The incident, which began Friday, affected thousands of passengers and dozens of flights across airports including Brussels, London Heathrow, Berlin, and Dublin.
Authorities are investigating the malicious software, which locks data until a ransom is paid, though the origin of the attack has not been disclosed. Collins Aerospace said it is working with affected airports to restore systems, with updates nearing completion. Berlin airport, dealing with high passenger volumes due to the Berlin Marathon, continued to report delays of over an hour. Brussels relied on iPads and laptops for manual check-ins, resulting in 60 flight cancellations, while Dublin implemented manual procedures with minimal disruption.
Cybersecurity analysts note that high-profile targets are increasingly chosen for ransomware attacks, though such incidents remain relatively rare. Surveys indicate ransomware is the most common cyber threat, with one in seven companies paying ransoms to regain access to locked systems. ENISA emphasized the incident highlights the growing risks cyberattacks pose to critical infrastructure and essential services.