18 Nov The Cybersecurity Path Forward for Airlines
This week in cybersecurity from the editors at Cybercrime Magazine
Sausalito, Calif. – Nov. 18, 2025
– Read the full story in Forbes
The Sep. 2025 ransomware attack on European airports left tens of thousands of passengers stranded. Reuters reported that ENISA confirmed a cyberattack on a third-party boarding system provider that disrupted major European airports such as Heathrow, Brussels, Berlin and Dublin.
Staff resorted to handwritten boarding passes. Flights were canceled. Queues stretched through terminals. Manual processes couldn’t handle the volume. The impact varied dramatically depending on how airlines had prepared.
The attack exposed a fundamental architectural weakness. Airlines relying entirely on centralized, shared infrastructure had no backup. When airport kiosks and traditional check-in desks stopped working, operations shut down.
According to the World Economic Forum’s Global Cybersecurity Outlook 2025, 54 percent of large organizations believe supply-chain challenges are one of the biggest hurdles in achieving cyber resilience.
Single points of failure in shared systems can disrupt physical airport operations for days. Cybersecurity Ventures estimates global cybercrime losses could exceed $10 trillion per year by 2025, with aviation particularly exposed due to its interconnected systems.
“From our experience in aviation software development, we saw firsthand that airlines with a thorough operational resilience plan, such as a decentralized system to limit damage from localized attacks, maintained operations,” writes Stoyan Mitov, CEO of Dreamix, a custom software development company, in a Forbes article. “An airline (one of our clients) using an independent mobile boarding platform reported continued operations at affected airports. Ground agents equipped with mobile devices maintained passenger processing activities independently of centralized infrastructure.”
Airlines don’t need to rip out existing systems. Mitov believes that the path forward requires strategic thinking about architectural flexibility, not wholesale replacement.
Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.
