A major cyber attack has taken down check-in systems at several European Airports, including London Heathrow, Berlin Brandenburg, and Brussels Airport, with passengers reporting chaos as workers resort to time-consuming manual check-in processes.
London Heathrow Airport informed passengers that a “technical issue” was responsible for the chaos, whereas Brussels Airport was a little more forthcoming, admitting that a cyberattack on the third-party vendor of its check-in systems was the root cause of the problem.
The service provider is the Colin Rockwell Muse system, which is owned by Collins Aerospace, a US-based aerospace company, that provides a vast array of services to the aviation industry, including cockpit systems and air traffic control technology.
At London Heathrow, the affected Colin Rockwell Muse system is one of two major check-in systems that airlines use. Airlines that use an alternative system, called Amadeus, which includes British Airways, are not impacted by the outage.
On Saturday morning, Heathrow Airport said that Collins Aerospace had yet to provide a detailed update on the outage or when it might be fixed.
Brussels Airport warned that the outage has had a “large impact on the flight schedule and will unfortunately cause delays and cancellations of flights.”
“The service provider is actively working on the issue and trying to resolve the problem as quickly as possible,” a statement posted to the airport’s website explained.
Collins Aerospace has yet to publicly comment on the outage.
Despite the fact that some airlines at London Heathrow have not been hit by the core check-in system outage, it is understood that other multiple airport departure systems are connected to the Colin Rockwell Muse program, and workarounds have been established.
IT experts have been warning the aviation industry for months that hackers are targeting airlines and service providers, with criminals using social engineering techniques to gain unauthorized access to systems.
Rather than using lines of code to hack into databases, today’s breed of cyber criminal persuades IT help desks to give them access to systems, allowing them to then corrupt files and steal information.
In July, the FBI warned that a loosely affiliated group of hackers known as ‘Scattered Spider’ may be behind a wave of cyberattacks on the aviation industry, which has seen carriers such as Hawaiian Airlines, WestJet, KLM Royal Dutch Airlines, and Qantas fall victim to system breaches in recent months.
In these cases, however, hackers were only able to break into non-operational systems, stealing some personal but limited customer data.
Last year, Seattle-Tacoma International Airport fell victim to a major ransomware attack that took down check-in and baggage handling systems, as well as information display screens across its terminals for days on end.
The Port of Seattle later said that a cyber hacker group known as Rhysida was behind the attack and had threatened to release stolen data from the airport onto the dark web unless a ransom was paid.
Officials refused to pay the ransom and promised to beef up its IT security to prevent a similar outage in the future.
