A flurry of cyberattacks that grounded planes from Dallas to Berlin were designed to sow chaos and deter ordinary people from going about their lives, an expert has said.
Disruption swept some of the world’s biggest airports last weekend after an air traffic outage brought flights across the US to a standstill and a cyber attack crippled check-in and boarding systems at Heathrow, Brussels and Berlin.
Then, in another incident, mysterious drones were spotted flying over four airports in Denmark – Aalborg, Sonderborg and Esbjerg, as well as at the Skrydstrup airbase – last night and this morning.
This came after drones were spotted hovering above Copenhagen and Oslo’s airports earlier this week.
Dr Daniel Gardham, from the University of Surrey Centre for Cyber Security, said it is ‘unsurprising’ that the aviation industry has been hit.
‘There’s a reason the attackers are going after these very visible targets, he told Metro.
‘One is that it affects the everyday person – it brings your attention to these matters, whether you care about it or not.
‘And secondly, with airports in particular, they have different systems in place that have to work together so it runs more efficiently.’
These systems range from software managing the conveyor belt and baggage to the fuel pumps in the aircraft, which opens airports up to a larger possibility of being attacked.
‘It is unsurprising that they are able to find vulnerabilities at an airport, just because of the scale of the operation, and the fact that it comprises so many pieces that have to work together,’ he said.
He added that while the complexities are unlikely to disappear anytime soon despite advancements in AI and technology, an average traveller shouldn’t lose sleep over possible cyber-related flight disruption.
Dr Gardham said: ‘I’m sure the airports themselves are very worried, because they know that they’re being targeted.’
While passengers should be mindful about cybersecurity, there’s not much passengers themselves can do. He’s recommended that they take out travel insurance in case something happens.
So, how prepared is the UK for the likelihood of more cyber attacks targeting aviation – and how worried should you be?
Mantas Sabeckis, an ethical hacker and infosecurity researcher, said the UK aviation world is taking cyber threats seriously, and he feels they’re doing a good job of keeping on top of the changes.
He pointed to a recent UK Cyber Security Breaches Survey, which showed that around 76% of large UK businesses have plans in place for cyber incidents.
‘They push for basics like keeping systems updated, training staff on cyber risks, and having a solid plan to bounce back quickly if something goes wrong,’ he told Metro.
‘That being said, aviation is very complex, with lots of different companies and suppliers working together. This means there are still weak spots – like the recent cyberattack linked to Collins Aerospace is a good example of causing big headaches at airports.
‘So, even though the UK is doing well compared to many places, the job of protecting aviation cyber systems is never done. You have to keep learning, improving, and staying alert as hackers get smarter.’
Are digital boarding passes safer?
As airports remain on high alert, airlines are preparing to end the use of paper boarding passes. Ryanair, for example, is going 100% digital from November 12, a move that has been labelled a nightmare by passengers.
Mr Sabeckis said while online boarding passes usually speeds up check-in and boarding, they come with risks – especially in light of the recent attacks.
‘Staff have to fall back on manual processes like handwritten boarding passes, which slows everything down and can cause confusion,’ he said.
‘I think digital boarding passes are the future, and now is still a good time for airlines like Ryanair to continue adopting digital boarding passes, but they need to do it carefully. They should keep in mind that the aviation sector saw a 600% year-on-year increase in cyberattacks, and this means they must prepare for potentially more frequent and sophisticated cyber threats that could disrupt automated systems.’
What about the US? Are they safe from cyber attacks?
It is not just the UK and European travel hubs that have been targeted in recent years.
Airlines in the US fell victim to the Scattered Spider cybercrime network shortly after hackers paralysed Marks and Spencer payment systems in the UK, leading the FBI to issue an alert about the group in June.
The FBI said it has seen the Scattered Spider cybercriminal group ‘expanding its targeting to include the airline sector.’
‘These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access,’ the FBI warned.
Source : https://metro.co.uk/2025/09/25/prepared-uk-airport-cyber-hacks-24251063/