Updated on 2023-01-05: Port of Lisbon ransomware attack
The administration of the port of Lisbon (Portugal) suffered a ransomware attack over Christmas. The port’s activity wasn’t disrupted. However, the subsequent disruptions were caused by a planned workers’ strike.
Updated on 2022-12-29: Port of Lisbon Hit with Cyberattack
The Port of Lisbon (Portugal) has confirmed that its IT systems were affected by a cyberattack on December 25. The port, which is one of the busiest in Europe, stated that its operations have not been disrupted by the incident. The attack reportedly took down the port’s website and internal computer systems.
Note
- A busy reporting cycle on ransomware events to start the new year. It is reassuring to read that “All security protocols and response measures planned for this type of occurrence were quickly activated.” Still, lessons can be learned about the state of security employed at the port to further reduce ransomware attacks.
- LockBit ransomware operators are taking credit for this attack. Again, predefined security protocols were activated, minimizing the disruption and expediting the response/remediation. The Port is already working with both authorities and staff to ensure the security of the data and systems. The attackers claim to have stolen financial reports, audits, budgets, contracts, ship logs and other information about cargo and crews.
- The report suggests that at least some mission critical applications were safely isolated from public network facing ones.
Read more in
- Cyberattack Threatens Release of Port of Lisbon Data
- Porto de Lisboa alvo de ataque informático. Crime não comprometeu operações
Port of Lisbon website still down as LockBit gang claims cyberattack
Port of Lisbon target of computer attack. Crime did not compromise operations
Overview
The LockBit ransomware group claimed responsibility for the Christmas attack against the Port of Lisbon Administration and to have stolen financial reports, cargo details, crew information, and others.