Russia is suspected of being behind a cyber attack that struck Heathrow and other major European airports, leaving thousands of travellers and holidaymakers stranded on the final weekend of summer.
Travel disruption could last for days after a “technical issue” hit boarding systems used by airlines on Saturday, sparking huge disruption at transport hubs across the continent.
It comes a year after a faulty software update from cybersecurity company Crowdstrike halted flights across the United States, costing the global economy up to $10 billion (£7 billion).
Heathrow, Brussels and Berlin are among those impacted by the attack on Collins Aerospace — an American supplier of check-in technology for around 100 airports, including bases operating for NATO.
Huge queues were reported due to manual procedures being introduced, as journeys to key destinations — including Amsterdam, Lisbon and Paris — were hit by delays and cancellations.
Around 400 flights from Heathrow — Britain’s busiest airport — in Hillingdon, west London set off behind schedule and at least seven were cancelled, according to flight tracking data.
The National Cyber Security Centre is currently working with Collins Aerospace and affected UK airports, alongside the Department for Transport, “to fully understand the impact of an incident”.
A spokesman for the defence firm said it was aiming to “restore full functionality to our customers as quickly as possible”, while the European Commission said there is no “widespread or severe attack”.
Questions are now being asked as to what caused the global IT meltdown, with politicians and aviation experts appearing to point the finger at the Kremlin.
Over the last two years, the Ministry of Defence has been subjected to 90,000 cyber attacks – double the number in 2023 – from hostile states, including Russia.
Meanwhile, the Liberal Democrats noted that three Russian Mikoyan MiG-31 fighter jets violated Estonian airspace hours before the incident.
It came after Russian drones were shot down in Poland and spotted in Romania amid heightened fears that the war in Ukraine could spill over.
Collins Aerospace, which provides check-in and boarding systems for several airlines across multiple airports globally, is experiencing a technical issue that may cause delays for departing passengers.
— Heathrow Airport (@HeathrowAirport) September 20, 2025
While the provider works to resolve the problem quickly, we advise… pic.twitter.com/f68e9CbIlu
Callum Miller, the Lib Dem’s foreign affairs spokesman, claims president Vladimir Putin has a pattern of undertaking hybrid warfare against Western adversaries.
He told Sky News: “We think it's right that the government should come clean and let us know what its assessment is — of whether or not this was indeed an attack by Russia."
Speaking to the Daily Mail, former Army colonel Philip Ingram said it is too early to speculate who may be behind the hacking due to a current lack of information.
However, he went on to state: “It does have all the hallmarks of being something where the Russians would be behind it.
“For Russian linked cyber actors to probe into elements of critical national infrastructure of which airports are a key part of critical national infrastructure, would fit perfectly with other activities that are going on.”
In an interview with The Sun, Anthony Glees, Director of European Studies at Brunel University, said: "Without doubt, the Russians are behind these attacks on airports.
"No one can doubt that Putin's strategic planners are the beneficiaries here because they have been able to demonstrate they can attack our cyberspace with impunity and at will."
Meanwhile, Adrianus Warmenhoven, a cybersecurity expert at NordVPN, said that the fallout from the attack could "last for days".
He commented: "The backlog of delayed flights, stranded crews and missed connections will take time to clear, so passengers should expect disruption well into the weekend.
"For a hub like Heathrow Airport, even a few hours offline can ripple through the entire weekend’s schedule."
Rob Jardin, Chief Digital Officer at NymVPN, said the cyber attack affecting airports underlined the risks of relying on third-party suppliers.
“Even if the airport’s own systems aren’t breached, an attack on a partner can still bring flights to a standstill,” he said.
No one can doubt that Putin's strategic planners are the beneficiaries
“Increasingly, hackers are not just criminals but are being weaponised by hostile nation states against Europe, with supply chains seen as an easy way to cause chaos.”
As authorities rushed to resolve the issue, arguments ensued in long check-in queues at Heathrow Terminal 4, resulting in passengers shouting and shoving each other.
Helen Steel, 49, who was trying to fly home with KLM to Oslo via Amsterdam with her cat Thomas, said her experience at the airport had been an “absolute nightmare”.
She said: “I’ve been shouted at twice and I broke down in tears because I was worried about him. None of us have had any information whatsoever. Whenever we ask ground staff, they shout at us.”
Tereza Pultarova, who aimed to catch a KLM flight to Amsterdam, where she was due to connect to Cape Town, said: “It was just insane, the queue wasn’t moving. And then suddenly they said, ‘Oh, the flight will be departing, we’re closing the gate’. So they checked-in like 20 people, maybe like the business class.”
Heathrow said in a statement: "We advise passengers to check their flight status with their airline before travelling to the airport and arrive no earlier than three hours before a long haul flight or two hours for a domestic flight."
