European Airports Paralyzed by MUSE Software Cyberattack: Critical Infrastructure at Risk

A coordinated cyberattack has brought major European airports to a standstill, targeting the critical MUSE passenger processing software developed by Collins Aerospace. The attack, which began on Friday, has severely impacted operations at Heathrow, Brussels, Berlin, and Dublin airports, causing widespread flight cancellations and creating chaotic scenes in terminals across the continent.

The sophisticated attack specifically targeted the Multi-User System Environment (MUSE), a widely deployed check-in and boarding management system used by numerous airlines and airport operators. Security analysts indicate the attackers exploited vulnerabilities in the software's network connectivity features, though specific technical details remain under investigation by cybersecurity firms and law enforcement agencies.

Airport authorities have been forced to implement manual check-in procedures, significantly slowing processing times and leading to massive passenger queues. By Saturday morning, over 400 flights had been canceled across affected airports, with thousands more experiencing significant delays. The disruption is particularly severe at Heathrow, Europe's busiest airport, where operations have been reduced to approximately 30% of normal capacity.

Collins Aerospace confirmed the cyber incident in a statement, noting they are working with cybersecurity experts to restore systems safely. "We are aware of the system outage affecting multiple customers and are working tirelessly to resolve this issue," the company stated. "Our priority is the safe restoration of services while maintaining system integrity."

Aviation security experts have expressed grave concerns about the attack's implications for critical infrastructure protection. Dr. Evelyn Reed, cybersecurity professor at Imperial College London, noted: "This attack demonstrates the cascading effects that can occur when threat actors target widely used third-party systems in aviation. The MUSE platform's central role in passenger processing makes it a high-value target for disruptive attacks."

European Union cybersecurity agencies have been activated to coordinate the response, with Europol's European Cybercrime Centre assisting in the investigation. Initial analysis suggests the attack may have originated from a sophisticated threat actor group, though no organization has claimed responsibility.

The incident highlights ongoing vulnerabilities in aviation technology supply chains, particularly regarding software dependencies that span multiple airports and airlines. Industry experts warn that such attacks could become more frequent as threat actors recognize the disruptive potential of targeting common aviation software platforms.

Passengers are advised to check with their airlines before traveling to affected airports, with disruptions expected to continue through Sunday. Airlines are offering rebooking options and waiving change fees for affected travelers.

This event represents one of the most significant cyber incidents affecting European aviation since the 2017 NotPetya attacks, raising urgent questions about cybersecurity preparedness in critical transportation infrastructure. Aviation authorities are expected to review security requirements for third-party software providers in the wake of this attack.