HQ/EMEAFind out how we can help your business
The prolific LockBit ransomware group struck another giant company after claiming to have attacked Portugal’s third-largest port, Port of Lisbon Administration (APL), on Christmas day. Fortunately, the attack did not impact the company’s operations, although an immediate incident response was launched.
Port of Lisbon has played a crucial part in Portugal’s capital city’s water transportation, as it catered to the locals’ access to many locations and service to container ships, cruise ships, and more. It is also one of Europe’s most accessed ports due to its strategic location between the Atlantic, Africa, and Europe.
Based on a statement released by the port’s management, they have quickly implemented safety protocols and incident response plans after learning of the security breach’s occurrence, which allegedly transpired last January 18, 2022. The port also contacted the National Cybersecurity Center and the Judicial Police to aid them with the mitigation and investigation.
The official website of the Port of Lisbon remains inaccessible.
The port’s official website, portodelisboa[.]pt, is still inaccessible as of this time of writing, presumably due to the ongoing investigation of the attack. Moreover, the cyberattack’s scope and nature have yet to be revealed by the port’s management or the authorities.
According to the LockBit ransomware gang, who claimed to be the perpetrator, they had stolen critical data from the Port of Lisbon. These allegedly stolen data includes audit, budget, and financial reports, copy of contracts, cargo information, crew details, ship logs, customer PIIs, email correspondence, and port documents, among others.
LockBit also posted some samples of the stolen data from the port, but security researchers have yet to confirm the samples’ legitimacy. The ransomware group has threatened the port’s management to publish all the stolen data if they do not cooperate with the ransom demands of $1,500,000.
On the other hand, the gang offered the data to other interested threat actors for the same amount.
LockBit remains one of the most dangerous, active, and prolific ransomware gangs for 2022. They have made their reputation for executing attacks against giant firms, including California’s Department of Finance, automotive firm Continental, IT consulting Accenture, and security firm Entrust, among others.
Security experts believe the attack on the Port of Lisbon would not be the last to be heard from LockBit, especially in the coming new year. Thus, companies, organisations, and individuals are advised to fortify security measures to protect against cybercriminals’ threats.
