On 19 September 2025, a cyberattack caused significant disruptions to passenger processing at several European airports. The cause was a ransomware attack on the systems of the IT service provider Collins Aerospace. Investigations show that the affected systems were running outdated software, which made them particularly vulnerable to the attack.
In this blog post, you will learn exactly what happened and how companies can effectively protect themselves against such cyberattacks.
The ransomware attack on the service provider Collins Aerospace caused delays in check-in, boarding, and baggage handling on 19 September 2025. Collins Aerospace, a subsidiary of the US defence contractor RTX, provides software for passenger processing, including systems for check-ins, boarding, and baggage handling. Airports affected included Berlin Brandenburg (BER), London Heathrow, Brussels, and Dublin.
The issues were limited to electronic check-in and baggage systems. Check-in was still possible, but only manually with paper and pen. As a result, several countries experienced flight cancellations and delays. The airports themselves were not the direct target of the attack, but were affected nonetheless.
Hackers exploited vulnerabilities in outdated software. The affected system ran on an Oracle Glassfish server from 2012, which had not been properly patched for years. Such centrally deployed systems make service providers an attractive target: if their infrastructure is taken down, multiple airports can be affected simultaneously.
The attack highlights the importance of keeping critical systems up to date and continuously checking their security. Companies can protect themselves by:
Experts warn that ransomware is increasingly targeting major disruptions of critical infrastructure. Ransomware refers to software that causes harmful effects, such as encrypting or locking files or even entire systems. Hackers exploit vulnerabilities to cause maximum damage. This makes it all the more important to carefully review software and close security gaps at an early stage.
To ensure top-level IT security and reliably protect your company, modern security solutions are essential. These include firewalls, VPN solutions, and endpoint protection. Below, we present suitable solutions from leading manufacturers such as SonicWall, WatchGuard, Fortinet, Juniper, and Palo Alto Networks.
Modern VPN solutions provide reliable protection for remote access to your corporate network. Products like SonicWall Secure Mobile Access (SMA) enable secure remote access, WatchGuard Mobile VPN allows easy integration of mobile employees, and Fortinet FortiClient EMS offers a centrally managed VPN client with ZTNA functionality.
Modern endpoint security solutions reliably protect all devices against malware, ransomware, and other cyber threats. SonicWall Capture Client offers integrated malware protection, WatchGuard EPDR provides comprehensive coverage with Endpoint Protection, Detection & Response, and Fortinet FortiEDR detects and neutralises attacks on endpoints in real time.
The cyberattack clearly demonstrates that security vulnerabilities can have severe consequences. With the firewalls, VPN solutions, and endpoint protection systems presented, you can establish a solid foundation for a reliable security strategy.
In addition to these solutions, our shop offers numerous other products for IT security and network protection, including from Juniper, Palo Alto Networks, and Cisco. Simply request a project via our enquiry form. Take this opportunity to strengthen your IT infrastructure now and minimise risks at an early stage.
