One of Europe’s busiest seaports, the Port of Lisbon, has been hit with a ransomware attack that knocked some of its digital systems offline.
"All safety protocols and response measures provided for this type of occurrence were quickly activated, the situation being monitored by the National Cybersecurity Center and the Judicial Police," a statement shared by the Port of Lisbon Administration (APL) with local media earlier this week said.
The incident failed to impact the port’s operations, but did take its official website, portodelisboa.pt, offline.
LockBit taking responsibility
"The Port of Lisbon Administration is working permanently and closely with all competent entities in order to guarantee the security of the systems and respective data," the statement concludes.
While the company doesn’t explicitly say it was targeted with ransomware, the LockBit ransomware operator has added APL to its leaks website, taking responsibility for the hit.
The database it posted there allegedly contains financial reports, audits, budgets, contracts, cargo information, ship logs, crew details, customer PII (personally identifiable information), port documentation, email correspondence, and more.
In exchange for the decryptor, APL is required to pay $1,500,000. If these demands aren’t met by January 18,2022, the ransomware operators will leak the database online. The organization can delay the leak by a day, by paying $1,000.
The Port of Lisbon is not only part of the city’s and country’s critical infrastructure, but also part of Europe’s critical infrastructure, too. It is one of the most accessed ports in Europe, where overseas container ships, cruise ships, and pleasure crafts, first dock.
LockBit recently banned an affiliate from its program, for targeting a children’s hospital in Canada, and provided a free decryptor as an apology.
- These are the best endpoint protection software at the moment
Via: BleepingComputer