On 20 September 2025, Europe’s busiest airport ground to a halt. A cyber attack on the check-in and baggage software used at Heathrow caused hundreds of flight delays and cancellations. The disruption rippled out across Brussels, Berlin, Dublin, and Cork, stranding passengers, overwhelming airport staff, and exposing just how vulnerable the aviation system has become.

This was not a bomb, a strike, or a storm. It was a few lines of malicious code. And it revealed that when a single digital service provider goes down, entire nations can feel the impact.

The Anatomy of the Attack

Late on 19 September, the Muse software platform — developed and run by Collins Aerospace — began failing. Muse is a shared system: airlines rely on it to handle passenger check-in, issue boarding passes, and manage baggage drops. For most carriers at Heathrow, it is invisible but indispensable.

The attack hit the very core of Muse’s digital infrastructure. Electronic check-in stopped working, baggage belts could not be automated, and boarding gate systems froze. Airlines were forced back to paper lists and manual luggage tags.

By the early hours of 20 September, queues were snaking through Heathrow terminals. Over 500 flights were affected that day at Heathrow alone, with Brussels and Berlin reporting similar disruption. Dublin and Cork confirmed delays, though on a smaller scale.

The Human Impact

For passengers, the disruption was immediate and personal.

• Families missed connections and found themselves stranded overnight in hotel lobbies.

• Business travellers with tight schedules were left sitting on terminal floors.

• Parents tried to calm crying children in multi-hour queues, while staff shouted instructions across chaotic crowds.

British Airways, which operates its own separate backup systems, escaped the worst. But most other carriers were paralysed. Passengers described scenes that looked closer to a disaster drill than an orderly airport operation.

One passenger recalled waiting nearly six hours before reaching a manual check-in desk. Others reported confusion at boarding gates, where staff struggled to reconcile hand-written passenger lists with the electronic manifests still locked inside the frozen system.

Why the Attack Spread So Widely

The key to understanding this incident is centralisation.

Modern aviation relies on shared platforms to cut costs and streamline operations. Instead of every airline running its own software for check-in, many outsource to a single provider. This is efficient in good times but catastrophic when that provider goes down.

Muse is integrated across multiple airports. That meant the same outage that crippled Heathrow also hit Brussels and Berlin almost instantly. What began as a vendor-specific attack became a pan-European operational failure.

It is still unclear who carried out the attack. Speculation has swirled about state actors, like Russia, but no evidence has been published. What matters more than attribution is the lesson:

centralised systems without robust resilience plans are single points of failure.

Collins Aerospace’s Response

Collins Aerospace moved quickly to acknowledge the problem. The company confirmed it was a “cyber-related disruption” and began working with airports and airlines to restore functionality.

Manual processes were deployed at every affected location. RTX, Collins’ parent company, stressed that remediation efforts began immediately and that continuous technical support was being provided.

By the evening of 20 September, some functionality was returning, though no clear completion timeline was shared. The UK’s National Cyber Security Centre (NCSC) and the European Commission began coordinating investigations and technical guidance.

The Broader Impact

This attack revealed how fragile the aviation sector is when digital systems fail.

• Economic loss: Heathrow alone may have lost tens of millions of pounds in a single day of disruption.

• Passenger trust: Travellers expect high-tech airports to run smoothly. Long queues and handwritten boarding passes undermine that confidence.

• Operational continuity: Airports depend on shared IT systems for speed and safety. Without them, basic functions grind to a crawl.

• International coordination: Because the same platform runs across multiple countries, disruption in one cascades into the next. Cyber attacks respect no borders.

This was not just an airport problem. It was a reminder that aviation itself is national infrastructure, and a vulnerable one.

Root Causes

Several factors combined to make this incident so damaging:

1. Vendor concentration — Too many airlines depend on a single third-party provider.

2. Insufficient segmentation — Once Muse was compromised, there were no effective barriers to limit the scope of the outage.

3. Legacy reliance — Many airport processes still assume digital systems are always available. Manual backup exists, but it is slow and under-resourced.

4. Unclear communication chains — Passengers and staff reported confusion and inconsistent updates throughout the day.

How to Fix It: Building Aviation Resilience

Cyber attacks cannot be prevented entirely. But their impact can be contained with the right measures. Airports and airlines need to move from reactive crisis management to proactive resilience.

• Zero Trust and Segmentation – Verify every user and device, and break networks into secure zones.

• Real-Time Detection and Response – SOCs and tested playbooks enable quick containment.

• Continuous Cyber Hygiene – Patch, scan, and retire legacy systems relentlessly.

• Staff Training – Build a culture where everyone sees cybersecurity as their job, their responsibility.

• Supply Chain Defence – Demand high standards from vendors, backed by audits.

• Intelligence Sharing – Use sector-wide networks to spot and share knowledge on new threats faster.

• Regulatory Alignment – Treat compliance with aviation cybersecurity standards as baseline, not maximum.

Protecting National Infrastructure

Airports are not the only sector exposed. Ports, energy grids, rail networks, and hospitals all rely on centralised digital platforms. If a single vendor is compromised, the disruption cascades.

For national infrastructure, resilience depends on three pillars:

• Diversity of suppliers.

• Mandated resilience testing.

• Public-private collaboration.

The lesson from Heathrow is that cyber resilience is a public good. It is not just about keeping passengers moving — it is about ensuring critical services never collapse under digital attack.

A Cyber improvement plan for Airlines and Airports

• Don’t rely on a single IT vendor without contingency plans.

• Implement Zero Trust and network segmentation.

• Invest in real-time detection and tested response plans.

• Patch and upgrade systems continuously.

• Train all staff in cyber awareness.

• Audit vendor security and supply chain risk.

• Share threat intelligence across the industry.

• Treat compliance as minimum, not maximum.

• Build resilience as a national infrastructure priority.

Closing Thoughts

The Heathrow cyber attack was disruptive, costly, and embarrassing. But it was also a warning shot. Aviation, like every other sector, is now digital infrastructure first and physical infrastructure second.

When the digital fails, the physical world stops moving. Queues grow, flights are cancelled, and passengers sleep on terminal floors.

The choice ahead is clear: invest in resilience now, or be forced into it by the next crisis. For airlines, airports, and governments alike, the lesson of September 2025 is that cyber resilience is no longer optional. It is as essential as fuel, radar, and runways.