A cyberattack on a key provider of airline check-in and boarding systems has snarled travel at major European airports, forcing staff to process passengers manually, and triggering delays and cancellations.
Brussels Airport said the attack occurred late on September 19, and is affecting multiple hubs across the continent. It advised passengers to confirm flight status with their carriers before heading to the airport and to allow extra time for check-in. Collins Aerospace on September 20 confirmed that a “cyber-related disruption” to its MUSE software is causing delays at some airports.
MUSE — short for Multi-Use System Environment — powers electronic check-in, boarding, and baggage drop for airlines and airports. The outage prevents passengers from using kiosks or self-service baggage systems, but airlines can still process travelers manually at staffed counters.
“We are actively working to resolve the issue and restore full functionality to our customers as quickly as possible,” the company said in a statement.
So far, the impact on flights has been limited. According to aviation data provider Cirium, 16 departures and 13 arrivals were canceled on September 20 across London Heathrow, Berlin Brandenburg and Brussels airports. Almost half of those cancellations were at Heathrow, which saw seven departing flights and five arrivals scrapped out of 651 scheduled services. Brussels had 228 departures scheduled for the day and Berlin 226.
Still, the disruption is the latest reminder of how dependent global aviation is on a handful of technology suppliers and how a single failure can ripple through some of Europe’s busiest hubs, stranding travelers and squeezing airlines already operating on tight schedules.
It’s unclear who’s responsible for the latest attack and no organization has yet claimed responsibility.
“Details are currently scarce concerning the nature of the attack, but the impact underscores the fragile and interdependent nature of the digital ecosystem underpinning air travel,” said Rafe Pilling, director of threat intelligence for U.K.-based cybersecurity company Sophos, which is owned by Thoma Bravo LLC. “The threat is significant and very real.”
