Lockbit ransomware gang claims to have hacked the Port of Lisbon

The website for the Port of Lisbon is still down days after it was the target of a ransomware attack claimed by Lockbit group.

The Port of Lisbon is the third-largest port in Portugal and one of the main European ports due to its strategic location.

The website of the port was hit by a cyber attack on December 25, in response to the security breach the administrators shut down it. At the time of this writing, the website of the port is still down.

The Administration of the Port of Lisbon said that the cyber attack did not compromise operational activity at the critical infrastructure. The administration notified the National Cybersecurity Center and the Judiciary Police were notified of the incident.

“All security protocols and response measures planned for this type of occurrence were quickly activated,” port officials told the newspaper Publico. “The Administration of the Port of Lisbon (APL) is working permanently and closely with all the competent authorities, in order to guarantee the security of the systems and respective data.”

This week, the LockBit ransomware group claimed responsibility for this attack, and the gang added the organization to the list of victims published on its website.

“After successful work with the Portuguese Port Authority. In our hands are. All financial reports, audits, budgets. Contracts, information about cargoes. Ship logs with all the information on the crews. Personal data of customers. All port documentation. All mail correspondence. All contracts. And much more. The entire date will be published in case of failure to contact us.” reads the announcement published by the gang on its Tor leak site.

The deadline fixed by the ransomware group is January 18, 2023.

Cyber attacks against ports are an alarming trend, Secretary of the U.S. Department of Homeland Security Alejandro Mayorkas recently told Congress that cyber attacks are the main threats to U.S. ports.

“We are increasing the level of technology by which our ports operate and that is why not only Customs and Border Protection have a focus on cybersecurity but so does the United States Coast Guard,” Mayorkas said. “I would identify, with respect to our ports, cybersecurity, as a significant threat stream and we are of course very focused on defending against it and strengthening our cybersecurity.” 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, critical infrastructure)

[adrotate banner=”5″]

[adrotate banner=”13″]