Airport Drone Incidents Are Getting Worse

The pattern is unmistakable. In October 2025, European airports experienced more drone incursions than the entire previous year. Munich, Brussels, Liège, Riga, Sofia, and Alicante-Elche all reported unauthorized unmanned aircraft in controlled airspace. The incidents range from minor incursions with no confirmed hostile intent to disruptions lasting hours and affecting tens of thousands of passengers.

Yet the response from airport operators, regulators, and governments remains fragmented, undersourced, and constrained by physical and regulatory limitations that are difficult to overcome. The gap between the threat and operational counter-UAS capability at civilian airports is widening, not narrowing.

2025 Incident Pattern

The October 2025 spike in airport drone incidents reflects both increasing incursion frequency and improved detection. Some incidents that would have gone unnoticed in 2023–2024 are now detected because airports have deployed detection systems.

Munich Airport (MUC)

Munich Airport, Europe's third-busiest hub, suspended all operations for 4 hours on October 17 following credible reports of unmanned aircraft in terminal control airspace. The incident forced cancellation and delay of 340+ flights, stranding approximately 60,000 passengers across a single afternoon.

Official investigation determined that multiple small unmanned aircraft were present in the controlled airspace at approximately 500 feet altitude near the northern approach corridor. No engagement occurred. No hostile action was observed. However, under German and European aviation regulations, confirmed or credible unidentified aircraft in terminal control airspace mandate immediate operational suspension.

Post-incident analysis revealed significant capability gaps. Ground-based RF detection (a Dedrone system recently deployed) detected the aircraft. However, the detection was not immediately confirmed through independent visual means. The escalation from detection to ATC notification to operational suspension took 35 minutes. During that time, aircraft continued normal operations, increasing risk.

Brussels, Liège, Riga, Sofia, Alicante-Elche

Over the same three-week period:

Brussels Airport (BRU): Two reported incursions on October 8 and October 24. Both were minor, in controlled airspace but at altitude levels lower-threat. Incursions were detected, investigated, and resolved with brief operational disruption (15–20 minutes each).

Liège Airport (LGG): Three separate drone sightings, attributed to recreational activity based on temporal pattern and altitude profile. No operational disruption.

Riga Airport (RIX): Single confirmed unmanned aircraft on October 11, detected and visually confirmed. Investigation classified as likely border surveillance activity, not aviation threat. Operational disruption: 30 minutes.

Sofia Airport (SOF): Reported drone activity on October 19 in approach airspace. Operational suspension triggered for 90 minutes. No positive identification of aircraft or operator.

Alicante-Elche Airport (ALC): On October 31, credible report of unmanned aircraft adjacent to active runways. Spanish authorities triggered partial operational suspension lasting approximately 2 hours. No confirmed hostile intent; investigation classified as likely recreational activity.

Aggregate Impact: Six major airports in October 2025 experienced operational disruptions totaling approximately 300+ minutes (5+ hours) of lost capacity. These incidents directly affected passenger traffic, airline operations, and business continuity. Estimated economic impact: several million euros in disruption costs, delays, and rebooking expenses.

Why Airports Are Uniquely Difficult to Defend

Airports present counter-UAS challenges distinct from military installations, critical infrastructure, or urban areas. Understanding these challenges explains why effective airport C-UAS remains elusive.

Complex Airspace and Multiple Threat Origins

Airport terminal control areas are among the most complex airspace in the world. A typical major airport controls airspace extending 5–15 kilometers from the runway threshold, with multiple altitudes and approach/departure corridors. Dozens of authorized manned aircraft may be in this airspace at any given moment.

An unauthorized unmanned aircraft could originate from multiple locations: recreational operators flying from nearby areas, malicious actors with line-of-sight from perimeter roads or buildings, or remote operators controlling aircraft from considerable distance (if the platform has extended range).

Effective counter-UAS requires not only detecting the drone but also establishing probable origin, operator, and intent—quickly enough to inform engagement decisions before passenger safety is compromised.

Regulatory Constraints on Mitigation

Military counter-UAS can employ kinetic engagement: missiles, cannon fire, or kinetic interceptors. Commercial airports cannot. Kinetic engagement over an airport generates unacceptable collateral risk. Fragments from an interceptor, or the unmanned aircraft itself, could strike manned aircraft on approach/departure, in holding patterns, or on the ground.

This constraint eliminates an entire category of C-UAS capability. Airports are left with detection, identification, electronic countermeasures (if operationally approved), and limited kinetic options (small-caliber fire in very specific circumstances, with extreme procedural control).

Procedural and Regulatory Friction

Air traffic control, airport operations, security, and law enforcement operate under distinct regulatory regimes. Escalation from runway incursion detection to operational suspension requires coordination among ATC, airport operations, security, and emergency response. This coordination is documented in procedures but often untested in real conditions.

Additionally, European aviation regulations mandate specific procedures for confirmed or credible unidentified aircraft in terminal control airspace. These procedures prioritize safety over efficiency, resulting in operational suspension until the threat is definitively resolved. This is appropriate from a safety perspective but creates regulatory risk for airport operators: they cannot re-open operations until formal procedures are satisfied.

Ambiguous Threat Classification

Unlike a military installation where any unauthorized aircraft is presumed hostile, an airport must quickly determine whether a detected drone is:

1. Recreational (recreational operator unaware of airspace restriction)
2. Commercial (delivery service, media, infrastructure inspection)
3. Intentionally Hostile (coordinated attack, espionage, sabotage)

This classification determines response. Recreational incursions warrant detection, identification, and operator apprehension. Commercial incursions warrant detection and airspace clearance. Hostile incursions warrant detection, engagement, and law enforcement response.

However, in the first 30 seconds after detection, classification is ambiguous. A correctly-operated commercial drone can look identical to a hostile platform. An airport operator cannot assume hostile intent but cannot ignore the possibility. This ambiguity paralyzes response and prolongs operational disruption while investigation occurs.

False Alarm Cost

If a C-UAS system has high false alarm rates, airport operations are disrupted for non-threats. A single false alarm costs $50,000–$500,000 in disruption, delays, and rebooking. Multiple false alarms per week make airport C-UAS economically untenable.

Consequently, airports demand detection systems with extraordinarily low false alarm rates—less than 1–2% at peak operational periods. This is a higher standard than military C-UAS systems achieve routinely.

What Is Being Done

Airport operators, regulators, and security officials are mobilizing, but action is fragmented and under-resourced.

Dedrone Airport Deployments

Dedrone, a commercial RF detection specialist, has deployed systems to over 30 major European airports. The systems detect, classify, and report unauthorized unmanned aircraft in real-time. Dedrone systems can distinguish between recreational drones, commercial platforms, and potential threats based on RF signature analysis.

Dedrone's approach is detection-centric: the system identifies the presence of unauthorized aircraft but does not provide engagement capability. Airport operators use Dedrone detections to inform operational decisions (shutdown, ATC notification, law enforcement dispatch).

The Dedrone deployment at Munich Airport detected the October 17 incursion within 2 minutes of aircraft power-up. However, the detection-to-shutdown interval remained 35 minutes—the constraint being procedural confirmation and operational authorization, not detection capability.

Sentrycs Airport Contracts

Sentrycs, a vendor focused on RF detection and airport C-UAS, has secured contracts with multiple European airports. Sentrycs delivers integrated RF detection and command/control capability optimized for airport operations.

In a significant procurement, Sentrycs and Ondas Holdings announced $8.2 million in contracts for airport counter-UAS systems at two major European airports. The contracts specify RF detection, local command capability, integration with airport operations, and training. This represents the largest airport C-UAS commitment to date.

FEMA World Cup Grants

The U.S. Federal Emergency Management Agency (FEMA) allocated $250 million in grants for critical infrastructure and major event protection, including airport counter-UAS capability. U.S. airports are using these grants to procure detection systems, train personnel, and establish procedures for counter-UAS response.

FEMA's approach emphasizes detection and rapid response rather than sustained engagement capability. Airports are outfitted to detect unauthorized aircraft, alert law enforcement, and coordinate with ATC. Engagement capability is not anticipated to be available at most airports; rather, rapid detection enables law enforcement and ATC to manage the threat.

Regulatory Guidance Updates

European and U.S. aviation authorities are updating guidance on airport counter-UAS response. These updates address:

• Detection and Reporting Standards: What triggers notification to ATC and operational suspension?
• Escalation Procedures: What authorities must be notified, and in what sequence?
• Non-Kinetic Response: What electronic countermeasures are operationally acceptable (if any)?
• Training and Certification: What training is required for personnel managing airport C-UAS?

However, regulatory updates are slow. Most updates remain in draft or early implementation phase. There is no harmonized European standard for airport C-UAS procedure.

The Persistent Gap Between Threat and Response

Despite these efforts, significant gaps remain between the threat and operational counter-UAS capability at civilian airports.

Detection Is Not Mitigation

Detection systems tell an airport operator that an unauthorized drone is present. They do not defeat the threat. An airport can detect a malicious drone, alert law enforcement, and establish cordon areas—but if the drone is capable of autonomous operation, high-altitude flight, or evasive maneuvering, detection alone may not prevent mission success.

Engagement Constraints Remain Binding

Airports cannot easily employ kinetic engagement. Non-kinetic alternatives (RF jamming, net-capture) are operationally approved at very few airports and require specialized equipment and training. The result is a detection-report-and-wait posture: detect the drone, alert authorities, and hope that rapid law enforcement response disrupts the operator before the drone completes its mission.

Procedural and Coordination Friction

Despite procedure updates, real-time coordination among ATC, airport operations, security, law enforcement, and emergency response remains imperfect. Detection-to-response intervals are measured in tens of minutes, not seconds. In contested scenarios, minutes may be unacceptable.

International Coordination Absent

Airport drone incursions often involve operators not physically present in the airport's country. For instance, an operator with a remote-capable drone might launch from outside airspace controlled by the airport's nation. International coordination between civil aviation authorities, law enforcement, and intelligence services is underdeveloped.

Training and Proficiency Gaps

Personnel at most civilian airports have limited counter-UAS training. Ground handling, security, and ATC personnel have not trained extensively on drone detection, classification, and response procedures. This is improving but remains a limiting factor on response capability.

What Should Happen

Effective airport counter-UAS requires action across multiple dimensions:

1. Low False Alarm Rate Detection

Airports need RF and optical detection systems with false alarm rates below 1% during peak operations. Dedrone, Sentrycs, and emerging competitors are approaching this standard, but widespread deployment is necessary.

2. Airport-Safe Mitigation Options

Airports need non-kinetic mitigation options that are operationally compatible with civilian airspace. This includes RF jamming, net-capture, or other methods that do not pose collateral risk to manned aircraft.

Current options are limited. RTX's Coyote Block 3NK offers net-capture capability, but deployment at civilian airports is rare due to cost and complexity. Developing lower-cost, lower-complexity non-kinetic options is essential.

3. Pre-Established Response Procedures

Each airport needs documented, trained, and regularly exercised procedures for counter-UAS response. These procedures must specify:

• Detection thresholds that trigger escalation
• Notification sequence and responsible parties
• Escalation authority and decision points
• Operational measures (rate reduction, holding patterns, runway selection)
• Law enforcement notification and response expectations
• Non-kinetic engagement authority and procedures (if available)
• Post-incident investigation and reporting

4. Air Traffic Control Integration

ATC must have direct visibility into airport counter-UAS detection and be empowered to take immediate operational measures (adjust approach vectors, increase separation, divert traffic) based on C-UAS alerts. This requires technical integration and training.

5. Law Enforcement Rapid Response

Most airport counter-UAS incidents will require law enforcement response to locate and apprehend the operator. Law enforcement must be trained, equipped, and pre-positioned to respond within minutes to airport counter-UAS alerts.

This is achievable at major international airports but may be resource-constrained at smaller or regional airports.

6. Harmonized European Standards

European aviation authorities should develop harmonized standards for airport counter-UAS procedure, training, and equipment. Currently, different nations and airports implement different procedures. Harmonization would improve efficiency and enable consistent operator training.

7. International Coordination

Civil aviation authorities should establish information-sharing frameworks with law enforcement and intelligence services to address international dimensions of airport drone incursions. This is beyond traditional aviation authority scope but essential for addressing sophisticated threats.

Outlook

The October 2025 incident pattern signals that airport drone incursions are becoming routine, not exceptional. European airports will continue to experience incursions and will continue to disrupt operations in response.

Over the next 12–24 months, airport operators will deploy detection capability more widely, establish procedures, and train personnel. Mitigation capability (non-kinetic, low-collateral-risk options) will improve as cost declines and operational experience accumulates.

However, airports will remain at an inherent disadvantage: they cannot employ the full spectrum of counter-UAS tools available to military installations. The gap between sophisticated drone threats and airport counter-UAS capability will persist, likely driving continuing operational disruptions and strategic pressure on regulators to approve more permissive mitigation options.

For airport operators, procurement professionals, and security officials, the immediate imperative is clear: deploy detection capability now, establish procedures now, train personnel now, and coordinate with law enforcement now. Waiting for perfect mitigation options will result in continued disruption. Detection and rapid response coordination are achievable today and will meaningfully reduce incident impact.

Related Reading

• How Detection Actually Works
• The Authority Gap
• Dedrone
• D-Fend Solutions
• Commercial C-UAS Market