Port of Lisbon hit by ransomware attack

Ransomware
(Image credit: Pixabay)

One of Europe’s busiest seaports, the Port of Lisbon, has been hit with a ransomware attack that knocked some of its digital systems offline.

"All safety protocols and response measures provided for this type of occurrence were quickly activated, the situation being monitored by the National Cybersecurity Center and the Judicial Police," a statement shared by the Port of Lisbon Administration (APL) with local media earlier this week said.

The incident failed to impact the port’s operations, but did take its official website, portodelisboa.pt, offline.

LockBit taking responsibility

"The Port of Lisbon Administration is working permanently and closely with all competent entities in order to guarantee the security of the systems and respective data," the statement concludes.

While the company doesn’t explicitly say it was targeted with ransomware, the LockBit ransomware operator has added APL to its leaks website, taking responsibility for the hit. 

The database it posted there allegedly contains financial reports, audits, budgets, contracts, cargo information, ship logs, crew details, customer PII (personally identifiable information), port documentation, email correspondence, and more.

In exchange for the decryptor, APL is required to pay $1,500,000. If these demands aren’t met by January 18,2022, the ransomware operators will leak the database online. The organization can delay the leak by a day, by paying $1,000.

The Port of Lisbon is not only part of the city’s and country’s critical infrastructure, but also part of Europe’s critical infrastructure, too. It is one of the most accessed ports in Europe, where overseas container ships, cruise ships, and pleasure crafts, first dock.

LockBit recently banned an affiliate from its program, for targeting a children’s hospital in Canada, and provided a free decryptor as an apology. 

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.