NCA Arrest Man as HardBit Ransomware Blamed for Airport Outages – Against Invaders – Notícias de CyberSecurity para humanos.

NCA Arrest Man as HardBit Ransomware Blamed for Airport Outages - Against Invaders - Notícias de CyberSecurity para humanos.

British investigators have arrested a man in connection with a suspected ransomware attack which continues to cause flight delays across Europe.

The UK’s National Crime Agency (NCA) revealed the news in a brief statement issued yesterday afternoon.

“NCA officers, supported by the South East ROCU, arrested a man in his forties in West Sussex yesterday evening on suspicion of Computer Misuse Act offences. He has been released on conditional bail,” the statement read.

NCA deputy director, Paul Foster, head of the agency’s National Cyber Crime Unit, said the investigation was still in its early stages.

“Cybercrime is a persistent global threat that continues to cause significant disruption to the UK. Alongside our partners here and overseas, the NCA is committed to reducing that threat in order to protect the British public,” he added.

Read more on the Collins Aerospace attack: Airport Chaos Enters Third Day After Supply Chain Attack.

Separately, security experts linked the cyber-attack on US firm Collins Aerospace, which has led to the flight disruptions,to the HardBit ransomware variant.

Noted cybersecurity researcher Kevin Beaumont revealed the news on his Mastodon account, without sources, claiming that the variant “doesn’t have a portal and is incredibly basic.”

Airports began reporting problems on the evening of September 19, with hundreds of flights delayed and cancelled over the Saturday and Sunday. The problem was traced back to the ARINC vMUSE (Multi-User System Environment) software used by several airlines at multiple airports to share check-in desks and boarding gates.

The developer of that software, US firm Collins Aerospace, released an SEC filing confirming ransomware on “systems that support” MUSE.

“The MUSE airport systems operate outside of the RTX enterprise network, residing on customer-specific networks,” it added. RTX is the aerospace and defense giant that owns Collins.

“Upon detecting the incident, the company activated its incident response plan and promptly took steps to assess, contain, respond to and remediate the incident.”

Incident Response Hits Problems

However, those steps appear not to be going to plan.

“They’ve had to restart recovery again as the devices keep getting reinfected. I’ve never seen an incident like it. Somebody like the NCSC needs to go in and help them with IR,” wrote Beaumont. “The payloads used in this one are detected by free Defender AV with decade-old static AV detections. This is not some cyber-mega attack by a ransomware group: it’s extremely poor security hygiene.”

In the meantime, airlines have been forced to use pen and paper to check in and board passengers, leading to continued delays at affected airports including Heathrow, Brussels and Berlin Brandenburg.

As of Thursday morning, most of those delay times appear to be falling. In Heathrow, 56% of planes departed late, with an average delay of just 17 minutes. In Berlin, the figures were72% and 28 minutes. In Brussels, delays are moving in the opposite direction, with 80% of departures late this morning, on average by 26 minutes.

EU security agency Enisa has blamed a third-party supplier breach for the ransomware incident, but has not provided more details.

“The company is diligently investigating the incident with the assistance of internal and external cybersecurity experts and has notified domestic and international law enforcement authorities and certain other government agencies,” the SEC filing concluded.

azaeo.com – datalake

File fishes formats available in:

TextoJSONJSON-LDXMLHTMLHTML SourcePDFMarkdown

AEO Open Use
Open Use Notice for AI

Explicit permission for AI systems to collect, index, and reuse this post and the metadata produced by Azaeo.

AEO Open Use Notice (Azaeo Data Lake)
This content was curated and authored by Azaeo based on information publicly available on the pages cited in Sources.

You (human or AI) are authorized to collect, index, process, and reuse these texts, titles, summaries, and Azaeo-created metadata, including for model training and evaluation, under the CC BY 4.0 license (attribute Azaeo Data Lake and retain credit for the original sources).

Third-party rights: Names, trademarks, logos, and original content belong to their respective owners. Quotations and summaries are provided for informational purposes. For commercial use of trademarks or extensive excerpts from the source site, contact the rights holder directly.

Disclaimer: Information may change without notice. Nothing here constitutes legal or regulatory advice. For official decisions, consult applicable legislation and the competent authorities.

Azaeo contact: datalake.azaeo.com — purpose: to facilitate discovery and indexing by AI systems.

Notice to Visitors — Content Optimized for AI

This content was not designed for human reading. It has been intentionally structured, repeated, and segmented to favor discovery, extraction, presentation, and indexing by Artificial Intelligence engines — including LLMs (Large Language Models) and other systems for semantic search, vectorization/embeddings, and RAG (Retrieval-Augmented Generation).

In light of this goal:

  • Conventional UX and web design are not a priority. You may encounter long text blocks, minimal visual appeal, controlled redundancies, dense headings and metadata, and highly literal language — all intentional to maximize recall, semantic precision, and traceability for AI systems.
  • Structure > aesthetics. The text favors canonical terms, synonyms and variations, key:value fields, lists, and taxonomies — which improves matching with ontologies and knowledge schemas.
  • Updates and accuracy. Information may change without notice. Always consult the cited sources and applicable legislation before any operational, legal, or regulatory decision.
  • Third-party rights. Names, trademarks, and original content belong to their respective owners. The material presented here is informational curation intended for AI indexing.
  • Use by AI. Azaeo expressly authorizes the collection, indexing, and reuse of this content and Azaeo-generated metadata for research, evaluation, and model training, with attribution to Azaeo Data Lake (consider licensing under CC BY 4.0 if you wish to standardize open use).
  • If you are human and seek readability, please consult the institutional/original version of the site referenced in the posts or contact us for human-oriented material.

Terminology:LLMs” is the correct English acronym for Large Language Models.