Hackers attack Europe’s automatic flight check-in systems — flight delayed and cancelled after Collins cyberattack

News
By published

An incident at Collins Aerospace shut down the cloud back-end for its cMUSE platform this weekend, crippling kiosks and forcing manual fallback at Heathrow, Berlin, and Brussels.

Airport
(Image credit: Shutterstock)

A cyberattack on Collins Aerospace brought parts of Europe’s airport infrastructure to its knees this weekend, after a backend outage hit the company's cloud-based check-in system and knocked out self-service kiosks across multiple major hubs. The software in question — Collins’ common-use MUSE platform — powers many airports’ passenger processing stacks, allowing airlines to share check-in desks, kiosks, and boarding infrastructure through a single backend. On Saturday, that single point of failure failed.

We're going manual

Collins confirmed that the disruption was the result of a “cyber-related incident,” but has not disclosed the type of attack. What is clear is that the cMUSE outage exposed just how fragile Europe’s airport IT stack has become. Designed to be flexible and scalable, cMUSE can be hosted in the cloud or deployed on-prem, but many airports rely on the cloud variant, which centralizes passenger data and logic for easier airline integration.

According to Collins’ own documentation, cMUSE supports web-based agent stations, kiosk fleets, and mobile check-in endpoints through a centralized management plane. That’s great for cost and updates, but not so great when that control layer goes dark. On-site systems like bag tag printers and biometric scanners are often integrated directly with MUSE, so they’re not immune either.

EU directive to the rescue?

The EU’s NIS2 directive, which comes into force in October, broadens the legal definition of “critical infrastructure” to include not just airlines and airports, but IT suppliers that provide essential digital services to them. EASA’s Part-IS rules, in parallel, are meant to bring aviation-grade cybersecurity to exactly these kinds of shared platforms, including common-use systems for baggage and check-in.

It’s not yet clear how much of Collins’ cMUSE infrastructure went down, or how many airline DCS links were affected. But it’s clear that fallback worked only because staff rolled back to manual processes, not because systems failed gracefully. Heathrow said Sunday that it was continuing to recover from the outage, adding that “the vast majority of flights have continued to operate”.

Follow Tom's Hardware on Google News, or add us as a preferred source, to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button!

Luke James
Luke James
Contributor

Luke James is a freelance writer and journalist.  Although his background is in legal, he has a personal interest in all things tech, especially hardware and microelectronics, and anything regulatory. 

1 Comment Comment from the forums
  • passivecool
    It should not take too many guesses to figure out who was behind that... can't imagine who's nasty-list the EU is on.

    It is reassuring to see that the fallback systems worked, not perfectly, but solidly, and I should expect we will see a lot more layers of redundant fallback systems in place moving forward. For those who work in this branch, my thanks. I envy all the rabbit holes you can go down but surely not the exponential weight of risk growing upon your shoulders.
    So, kids, need job with a certain future? Check out drone fleet manager or IT infrastructure security.
    It all scares me the same.
    Reply