A cyberattack on Collins Aerospace, a provider of check-in and boarding systems, disrupted operations at major European airports.

The cyberattack caused 100 delays at Heathrow Airport, 70 at Zaventem Airport (Brussels), and 15 at Berlin-Brandenburg Airport (Germany). In Brussels, according to EFE, an estimated 35,000 people were affected.

Why did the airport systems crash?

Brussels Airport explicitly linked the problem to a cyberattack and not a simple technical failure.

This distinction is important: a cyberattack suggests intentional malicious activity, possibly targeting the aviation sector's digital infrastructure for political, economic, or criminal purposes.

Automated electronic check-in and baggage delivery systems were rendered inoperative, forcing the adoption of manual procedures. The problem, which began Friday night, caused flight cancellations and delays, with average delays of one hour.

How did they access the systems?

Saturday's problems focused on the MUSE software, manufactured by Collins Aerospace, which provides systems to several airlines at airports around the world, such as those affected in Brussels, the United Kingdom, and Germany.

These attacks typically exploit the supply chain, attacking third-party platforms used by several airlines and airports simultaneously.

When a single supplier is compromised, the impact can quickly spread to other countries and cause widespread disruption.

Who is responsible for the attack?

Authorities' investigations point to possible involvement by pro-Russian groups to project a sense of vulnerability in Europe due to support for Ukraine.

Was Spain affected?

For its part, Aena has confirmed that Spanish airports are operating "normally" and have not been affected by the cyberattack in Brussels, Berlin, and London.

However, some airfields in the Valencian Community have been affected. Specifically, Valencia-Manises Airport and Alicante-Elche Miguel Hernández Airport have experienced delays of up to more than four hours on some flights traveling to places such as Brussels, Bucharest, and London.

In addition, the Iberia group has confirmed to EFE that some flights between Madrid and the airports affected by the cyberattack: Berlin and Brussels, have also experienced delays. A flight scheduled for 4:35 p.m. between the Spanish capital and Brussels and back to Madrid has been canceled.

Why are critical infrastructures important?

Critical infrastructures are all the facilities, networks, systems, and physical and information technology equipment on which the functioning of a society's essential services depends.

In recent years, cyberattacks on critical infrastructures have proliferated, driven by the "dependence" of all of them on computer systems, as well as the power of control that is required to seize them.

Hackers around the world design malicious software with the aim of damaging operational technology, highlighting the importance and necessity of implementing a comprehensive approach to cybersecurity that encompasses operational processes, technology, and the people involved.

It is also important to understand the differences and details between IT and OT and how they relate to each other in a cyberattack.
The main function of the IT (Information Technology) environment is information lifecycle management, understood as the generation, processing, transmission, and storage.

Its scope of use is increasingly widespread, although it is particularly prevalent in the business and corporate sectors, where security development is rapid due to the need to preserve the information handled by highly interconnected systems.

This has provided IT systems with very specific and dynamic security elements, which are constantly updated based on the amount of information being processed, considering all types of risks, attacks, and vulnerabilities.

The introduction of technology into process operation systems has given rise to the emergence of the OT (Operational Technologies) environment, with the aim of more efficiently controlling and managing various industrial processes.

These systems were designed for demanding environments, where suboptimal environmental conditions are encountered and where permanent operation of normally isolated systems is required to safeguard the continuity of the service they provide.

To address security gaps, it is necessary to identify the IT security elements that cannot be applied to OT environments and define compensatory measures compatible with the functioning and operation of critical infrastructures.

The aviation sector could now face increasing pressure to accelerate investments in cyber resilience, layoffs, and rapid response mechanisms to prevent future incidents that ground both passengers and aircraft.

In the digital age, threats go far beyond physical security.