Aviation suffered at least ten major cyberattacks in 2025, capped by a ransomware strike on a critical airline technology provider that knocked out check-in and boarding systems at London Heathrow, Brussels and Berlin, forcing a continent-wide revert to manual operations and triggering widespread delays, cancellations and passenger backlogs. The World Economic Forum’s Global Aviation Sustainability Outlook 2026 warns that tightly coupled systems, legacy infrastructure and third-party dependencies are turning aviation’s accelerating digitalization into a structural liability, creating single points of failure capable of cascading across entire regions.
The WEF report flags cyber resilience as an increasingly direct competitor to sustainability for executive attention and resources, a tension it expects to sharpen as geopolitical pressures mount and aviation’s digital footprint continues to grow. It also reflects how rapidly the global landscape has shifted over the past year, shaped by rising clean technology costs and deployment hurdles alongside mounting disruptions from geopolitics, conflict, trade tensions, cybercrime and climate change, all of which have significantly altered the context since the release of its first Global Aviation Sustainability Outlook.
The cyber threat is now colliding directly with aviation’s decarbonization agenda. As airlines and airports pour investment into the digital tools needed to cut emissions and improve efficiency, attacks are diverting capital, disrupting planning and eroding confidence in the very transformation the sector depends on to reach net zero.
The WEF report warns that tightly interconnected third-party systems and legacy infrastructure are creating single points of failure with the potential for cascading, industry-wide disruption. The sector’s cybersecurity problem is now intersecting directly with its sustainability agenda, as attacks divert investment, complicate long-term planning, and undermine confidence in the digital transformation aviation needs to decarbonize.
Focusing on wider industry trends, the Global Aviation Sustainability Outlook 2026 mentioned a surge in climate, workforce, grid and cyber disruptions is sharpening the urgency for stronger resilience planning and risk mitigation. Throughout 2025, aviation faced a steady stream of shocks, from more frequent and severe weather events to emerging physical and digital threats affecting airport operations. Hurricanes, intense solar radiation, drone activity, cyberattacks and electrical infrastructure failures all contributed to operational instability, exposing how vulnerable the system has become to compound risks.
At the same time, workforce shortages and labor disputes compounded these pressures, disrupting the movement of passengers and cargo and extending the impact well beyond the point of failure. In many cases, disruptions lasted weeks or even months, reinforcing the need for executives to treat resilience planning as a parallel priority to decarbonization rather than a secondary concern.
“The rising frequency of cyber-related events has prompted airports, operators and regulators to elevate cyber resilience as a priority risk area,” the WEF reported. “As geopolitical tensions rise and the digital footprint of aviation expands, cybersecurity is increasingly competing for attention and resources with sustainability initiatives. In this context, operational disruptions from cyber-attacks not only have immediate economic and service implications but also pose barriers to long-term sustainability goals by diverting investments, complicating planning and undermining confidence in digital transformation.”
Clearly, these risks are increasingly intertwined with other forms of disruption, such as drone sightings and system outages. They showcase how digital vulnerabilities can quickly escalate into complex, multi-faceted operational crises.
Last September, Filipe Beato, manager for cyber resilience at the WEF’s Centre for Cybersecurity, and Tal Goldstein, WEF’s head of strategy and growth, wrote in a post that “For malicious actors, critical infrastructure like airports offers a wide surface attack area. There are multiple sources of interconnected IT and operational technology, alongside the Internet of Things, controlling everything from passenger processing to air traffic control to baggage handling.”
They added that a large number of niche but critical players need to function in harmony, potentially creating very fragile systems. “Often, there is limited visibility into suppliers, and uneven capabilities across them can create ecosystem-wide resilience challenges. This interconnectivity and dependence on third parties also mean that cyber incidents can cascade across multiple systems and affect multiple stakeholders, amplifying the effect of the initial attack. Cyber resilience relies on identifying ahead of time what the priority assets and functions are, and allocating resources accordingly.”
Amid rising geopolitical uncertainty, uneven cybersecurity across supply chains, and evolving technological landscape, building and maintaining cyber resilience has become increasingly challenging. To prevent safety incidents and major financial shocks, aviation systems must embed three core principles throughout their operations. First, organizations need to identify and develop a deep understanding of systemic points of failure. Second, executive awareness and accountability for cybersecurity must be elevated to ensure that security is a strategic priority. Third, collaborative ecosystems should be fostered to address disparities in cyber capabilities and bridge gaps across all stakeholders.
