Everything we know about the airport cyber attacks

Disruption carried over the weekend into Monday, with airlines advising passengers not to travel to airports unless their flight had been confirmed.

The incident comes after several major companies including Marks & Spencer and Jaguar Land Rover have been hit with cyber attacks in recent months.

What happened?

Collins Aerospace, an aviation and defence company which provides airlines with the systems required for checking in passengers and organising boarding, was hit with a cyber attack late on Friday 19 September.

The technology allows multiple providers to use the same check-in desks and departure gates at an airport, rather than requiring their own.

Airlines were forced to check customers in manually, resulting in long queues and delays, meaning many passengers became concerned about making subsequent connecting flights.

Although Heathrow, Brussels and Berlin were the major airports impacted by the attack, flight cancellations and delays also had a knock-on effect on travel in other major cities including Paris, Lisbon and Amsterdam.

The EU’s cyber security agency confirmed the issue was caused by a ransomware attack, according to Reuters.

How long will delays last?

Travellers using major airports have been hit with delays since Friday, which were still ongoing on Monday 22 September.

It is difficult to speculate how long the delays will last, particularly because the source of the attack remains unknown.

A number of flights from Heathrow were showing as delayed on Monday morning, with planes heading to Stuttgart, Dublin and Zurich among those affected.

Heathrow apologised to those who had faced delays but stressed "the vast majority of flights have continued to operate".

Brussels Airport said it had "no indication yet" of when the system would be operational again, instead requesting airlines to suspend half of their departing flights for Monday.

Who is behind the attack?

The European Union’s cybersecurity agency Enisa confirmed on Monday that the disruption was caused by a “third party” cyber attack, but gave no further details about the incident.

It was reported that law enforcement bodies are currently investigating the attack.

The incident has been met with speculations about Russian involvement after concerns have risen around aviation safety in Europe following 19 recent reports of Russian drones entering Polish airspace.

There is currently no evidence to suggest Russian involvement in the attack.

Meanwhile, terror law watchdog Jonathan Hall KC said it was possible state-sponsored hackers could be behind the attack on Collins Aerospace.

Mr Hall, the independent reviewer of terrorism legislation, said attributing the attack would not be easy.

Asked if a state like Russia could have been responsible for the attack, he told Times Radio “anything is possible”.

He said: “Yes, it’s possible that this is carried out directly by a state, but it’s equally possible to be carried out by a private entity that is, sort of, allowed to operate and does it for a combination of public and private reasons.”

That meant attacks were “deniable” for states, even if hackers were based there.

He added: “There are some very capable private entities, let’s say, in Russia or China, who won’t necessarily be being directed by Russia or China.”

In contrast to Mr Hall’s claims, the Prime Minister refused to speculate about a whether hostile state is believed to be behind the attack.

The Prime Minister’s official spokesman said: “We never get into speculation around cyber incidents.

“But we can confirm that the National Cyber Security Centre is engaged in a response.

“We have cyber experts working with Collins Aerospace and affected UK airports to fully understand the impacts and we’ll continue to work with them to address the ongoing issues.”