EU Cybersecurity Agency Confirms Ransomware Attack Behind Widespread Airport Disruptions

September 2025 — The European Union’s cybersecurity agency has confirmed that a ransomware attack was the root cause of recent disruptions at several major airports across Europe, raising new concerns about the vulnerability of critical infrastructure to cyber threats.

Nature of the Attack

Investigators revealed that the ransomware targeted airport IT systems responsible for check-in services, flight scheduling, and baggage handling. The attack temporarily halted operations at multiple airports, causing flight delays and cancellations that affected thousands of passengers.

Officials said no evidence has emerged that flight safety systems were compromised, but the disruption underscores how digital systems essential to travel logistics can become prime targets for cybercriminals.

EU Agency Response

The EU Cybersecurity Agency (ENISA) confirmed that the attack was a coordinated effort, with hackers demanding payment to restore access to encrypted systems. Authorities declined to specify whether ransom demands were met but said efforts are underway to strengthen defenses.

“Cybersecurity is now as important to airport operations as physical security,” an ENISA spokesperson said, calling on member states and airlines to accelerate investments in digital resilience.

Impact on Travelers

Passengers reported long queues, missed connections, and confusion as staff were forced to revert to manual check-in procedures. Airlines scrambled to rebook travelers, and some carriers warned that lingering effects could continue for several days.

Industry experts estimate that the financial losses from flight delays, cancellations, and passenger compensation could run into the tens of millions of euros.

Growing Cybersecurity Concerns

This incident is the latest in a string of ransomware attacks targeting critical services across Europe, from healthcare systems to energy networks. Experts warn that the aviation sector, with its heavy reliance on digital systems and global interconnectivity, is particularly attractive to cybercriminals.

Analysts say the attack highlights the need for greater cooperation between governments, regulators, and private companies to improve cybersecurity standards.

Looking Ahead

European officials are expected to announce new security measures, including tighter compliance requirements for airport IT systems, broader information-sharing among member states, and increased funding for cybersecurity research.

As airports work to restore normal operations, the attack serves as a reminder that the safety and efficiency of air travel now depend as much on defending against digital threats as on physical infrastructure.