Berlin Brandenburg Airport is experiencing ongoing disruptions after a cyberattack on its IT systems late last week, forcing delays, cancellations and long waiting times for travelers. Airport officials said the problems could persist for several more days as airlines and staff attempt to maintain operations under limited capacity.
The ransomware attack, confirmed by the European Union Agency for Cybersecurity (ENISA), has left critical airport systems partially disabled. Check-in, boarding and baggage handling remain restricted, with airlines resorting to manual or external methods to process passengers. Similar difficulties were reported at airports in Brussels, Dublin and London Heathrow, while other major German hubs were unaffected.
Flights and Baggage Handling Severely Affected
The airport warned that passengers should continue to expect delays and cancellations throughout the day and beyond. “The company has informed us that it may take several more days before they can provide a functioning system,” said a spokesperson for Berlin Brandenburg Airport to Deutsche Presse-Agentur. “This is very regrettable and it surprised us.”
Most morning and mid-day flights have departed behind schedule, with some delays as short as 15 to 20 minutes but many lasting one to two hours. Passengers are advised to confirm flight status with their airlines before traveling to the airport. The spokesperson also urged travelers to check in online when possible or use self-service kiosks, available from 19 airlines in the terminal.
The cyberattack has severely impacted baggage processing, with passengers initially unable to link their luggage to specific flights. Since Tuesday morning, staff regained partial functionality, enabling baggage to be assigned directly to flights rather than just to airlines, slightly improving the process.
Despite this improvement, the airport continues to struggle with high baggage volumes. “But there are still large volumes of baggage that need to be handled. In terms of staff and space, the airport is slowly reaching its limits,” said the spokesperson. Some passengers attempted to bypass the system by carrying large suitcases through security as hand luggage. “That does not work; we strongly advise against it,” the spokesperson said, stressing that all large baggage must go through the sorting process to reach the aircraft hold.
Airlines have improvised by checking in passengers manually or using alternative technologies. The additional workload and slower pace of operations have contributed to congestion in departure areas, where lines have lengthened significantly.
Cybersecurity Concerns Across Europe
ENISA confirmed that the incident involved ransomware, malicious software that encrypts systems and demands payment for decryption. The agency said airports in Brussels, Dublin and London Heathrow also reported passenger processing problems linked to the same attack vector. Berlin remains the most severely affected facility, with disruptions still widespread several days after the breach.
The attack has raised concerns about the resilience of Europe’s aviation infrastructure. While other major airports in Germany, including Frankfurt and Munich, were not affected, the situation at Berlin Brandenburg has highlighted vulnerabilities in centralized IT systems essential to airport operations. Security experts warn that ransomware attacks on critical infrastructure are becoming increasingly sophisticated, with aviation considered a high-value target due to its reliance on digital networks.
Authorities have not disclosed whether ransom demands have been made or if negotiations are underway. The airport has also not provided a timeline for full restoration of services, citing uncertainty over how quickly IT specialists can restore systems without further disruption.
For now, passengers using Berlin Brandenburg Airport are urged to prepare for long waits, potential cancellations and irregular services. With airlines continuing to adjust schedules and ground staff managing baggage under strain, the airport is operating under emergency conditions more than four days after the attack.
As of midweek, officials confirmed that recovery is ongoing but incomplete, and passengers are likely to face significant travel disruptions until the airport’s IT infrastructure is fully restored.
Photo Credit: Framalicious / Shutterstock.com
