Cyberattack at European airports: how to prepare for massive disruption

Today, a digital failure can bring terminals to a standstill, delaying thousands of passengers and jeopardizing the smooth flow of connections. At a time when several major European hubs have been affected by a computer attack on automatic check-in systems, it is becoming essential for travelers and air transport players to understand the issues at stake and the measures to be taken.

Ransomware attack hits auto-register

According to Flywest, a ransomware recently targeted the automatic check-in platforms used by several major European airports, leading to a switch to manual procedures. The consequences were immediate: long queues, flight delays and occasional cancellations. The affected systems, supplied by a dedicated airport solutions provider, forced airlines and ground staff to deploy back-up resources to maintain operations.

Operational impact: delays, cancellations and chain of connections put to the test

Abrupt conversion to manual processes makes operations more cumbersome. Check-in on tablets and laptops means longer processing times for passengers, and more complex baggage handling. For connecting passengers, the risk of missing a connection increases significantly. Airlines have to reallocate resources, sometimes delaying departures to embark passengers or, in some cases, canceling rotations to preserve network safety and reliability.

On the commercial front, a cyber attack of this nature erodes customer confidence and generates immediate costs: staff overtime, technical and logistical interventions, crisis communication. Affected airports and carriers need to prepare for the worst while managing passenger information to limit panic and maintain confidence.

Why airports have become prime targets

Airport infrastructures combine numerous interconnected systems: passenger management, baggage control, ramp operations and commercial systems. This interconnection, while improving efficiency, also creates vulnerabilities. Malicious actors exploit the complexity of software chains and the diversity of suppliers to strike where the impact is greatest.

Dependence on **third-party suppliers** and centralized platforms increases the risk of an attack spreading. When a critical component is affected, the domino effect can quickly affect several airports and airlines, as reported by Flywest during the recent crisis.

Preparing in advance: essential practices for airports and airlines

Resilience is based on prevention and response capacity. Implementing **business continuity plans**, segmenting networks to limit the spread of an incident, regular backups and switchover procedures to manual operations are all essential measures. It is also crucial to invest in incident drills and inter-organizational simulations to test the interfaces between airlines, airport managers and technical suppliers.

The human aspect must not be overlooked: training ground crews, ground staff and customer services personnel helps to improve flow management and communication in times of crisis. Finally, sectoral cooperation and real-time information exchange strengthen our collective ability to contain and resolve a major incident.

The role of the authorities and public-private coordination

In the face of large-scale attacks, coordination between national authorities, European bodies and private operators is crucial. Investigations and technical feedback help to identify the vulnerabilities exploited, and guide corrective measures. Authorities can also impose stricter security requirements and provide financial support for critical infrastructures to speed up the necessary upgrades.

For travelers, the best attitude remains preparation: anticipate wider margins for connections, download flight information and favor official airline and airport communication media. According to Flywest, the transparency of carriers and the quality of emergency procedures were decisive in limiting the extent of disruption during the recent incident.