A wave of cyberattacks on airports and airlines has disrupted operations and exposed passenger data, raising hard questions about aviation’s ability to keep pace with fast-evolving risks.

By Tylin Moodley – Travel News

On 19 September, major European hubs — including Heathrow, Brussels and Berlin — were hit. Collins Aerospace’s multi-user system environment (Muse), used at check-in and boarding, was affected, forcing manual processing and long queues.

The EU Agency for Cybersecurity attributed the incident to ransomware. In the past five months, airlines reporting breaches include Air France, KLM, Qantas, Hawaiian Airlines, WestJet and SAA.

Experts point to system complexity as a driver. Prof Basie von Solms notes that more connected systems mean more vulnerabilities, constant patching and less control. He adds that AI is helping criminals probe weaknesses faster — and the trend is set to worsen.

Third-party software is another weak point. Von Solms warns that suppliers integrated into core platforms can become the “underbelly” that attackers exploit, so vendor security must be verified and maintained.

Airport operator Acsa says collaboration and intelligence sharing across the ecosystem are key. It has set up a Cybersecurity Operations Centre, with continuous detection, protection and response, and says its controls align with national and international rules and standards.