Lockbit ransomware gang claims to have hacked the Port of Lisbon

The website for the Port of Lisbon is still down days after it was the target of a ransomware attack claimed by Lockbit group.

The Port of Lisbon is the third-largest port in Portugal and one of the main European ports due to its strategic location.

The website of the port was hit by a cyber attack on December 25, in response to the security breach the administrators shut down it. At the time of this writing, the website of the port is still down.

The Administration of the Port of Lisbon said that the cyber attack did not compromise operational activity at the critical infrastructure. The administration notified the National Cybersecurity Center and the Judiciary Police were notified of the incident.

“All security protocols and response measures planned for this type of occurrence were quickly activated,” port officials told the newspaper Publico. “The Administration of the Port of Lisbon (APL) is working permanently and closely with all the competent authorities, in order to guarantee the security of the systems and respective data.”

This week, the LockBit ransomware group claimed responsibility for this attack, and the gang added the organization to the list of victims published on its website.

“After successful work with the Portuguese Port Authority. In our hands are. All financial reports, audits, budgets. Contracts, information about cargoes. Ship logs with all the information on the crews. Personal data of customers. All port documentation. All mail correspondence. All contracts. And much more. The entire date will be published in case of failure to contact us.” reads the announcement published by the gang on its Tor leak site.

The deadline fixed by the ransomware group is January 18, 2023.

Cyber attacks against ports are an alarming trend, Secretary of the U.S. Department of Homeland Security Alejandro Mayorkas recently told Congress that cyber attacks are the main threats to U.S. ports.

“We are increasing the level of technology by which our ports operate and that is why not only Customs and Border Protection have a focus on cybersecurity but so does the United States Coast Guard,” Mayorkas said. “I would identify, with respect to our ports, cybersecurity, as a significant threat stream and we are of course very focused on defending against it and strengthening our cybersecurity.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, critical infrastructure)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.