Brussels Airport & European Airport Check-in Disruption

The Story & the Damage 

In September 2025, a cyberattack on Collins Aerospace’s check-in / boarding software (MUSE / vMUSE / ARINC systems) disrupted operations at major European airports including Brussels, Heathrow, Berlin.  

The attack disabled automatic check-in, baggage drop, boarding systems, forcing airports to revert to manual processes, causing delays, cancellations, and long queues.  

  • Impact specifics for Brussels: 
     • Of ~550 flights, 60 were cancelled during part of the disruption.  
     • Airlines had to use iPads, laptops, handwritten boarding passes to process travelers.  

The EU cybersecurity agency (ENISA) confirmed the incident and attributed it to a third-party ransomware / cyber disruption of the provider software.  

Authorities are investigating, while Collins Aerospace (under parent RTX) acknowledged a “cyber-related disruption” and is restoring systems.  

Who Is at Risk? 
  • Airports & Aviation Infrastructure: check-in, boarding, baggage systems, service desks. 
  • Airlines and ground service providers relying on shared vendor systems. 
  • Travelers / passengers exposed to delays, cancelled flights, loss of trust. 
  • Critical infrastructure sectors where digital vendor dependencies exist. 
  • Technology providers / vendors of airline systems - failures can cascade. 
Pain Points & Challenges 
  • Single vendor dependency: When a widely used provider (Collins) fails, many airports are impacted simultaneously. 
  • Lack of segmentation / isolation: Vendor software often has broad privileges across airport systems. 
  • Forced fallbacks to manual processes are slow, error-prone, and insufficient for scale. 
  • Difficulty in attribution / remediation: Unknown attacker(s), systems widely distributed, restoring full functionality takes time. 
  • Reputation & regulatory risk: Airlines, airports, and vendors will face scrutiny for system resilience and supply chain risk. 
  • Operational & financial ripple effects: cost of passenger care, flight diversions, cancellations, staff overtime, recovery, etc. 
Entropya Solutions 
  • Digital Camouflage: Make airport vendor systems and integrations untraceable — no exposed endpoints or visible infrastructure. 
  • Entropya Encrypted Network (EEN): Use short duration, randomized post-quantum, one-way tunnels to connect systems, hiding topology and blocking lateral moves. 
  • Quantum agents are deployed to obfuscate endpoints and verify trusted connections  
  • Virtual Dissimulated Encrypted Servers (VDES) make vulnerabilities unfindable while maintaining high availability on public facing servers, putting them in stealth mode. 
  • Vendor risk shielding: Wrap third-party integrations so that even if vendor software is attacked, it cannot reveal or compromise your systems. 
  • Resilient fallback & isolation: Architect systems so that vendor failures don’t cascade into full downtime; Entropya can help with fallback paths that remain hidden from attackers. 
  • Consulting and threat modeling: Tailored for airports, aviation vendors, and critical infrastructure to anticipate and defend from vendor-based attacks. 
Next Steps / Call to Action 

This event underscores a crucial lesson: the weakest link in a shared system can take down multiple critical nodes at once. 

If your organization relies on vendor systems or shared infrastructure, you must proactively HIDE → HARDEN → VERIFY. With Entropya, you can transform your processes and systems so attackers cannot trace, map, or disrupt them.

John DOE • CEO of MyCompany


Don’t wait until your systems are forced offline. Let’s build untraceable resilience together. 

Contact us today to protect your infrastructure and vanish from attacker radar. 








Sources