After almost a week of ambiguity, LockBit claimed responsibility for the cyber-attack on the Port of Lisbon. The port went offline after being hit by a ransomware news attack initiated by the gang on Christmas Day.
The main website is still unreachable to visitors, and no activity has been recorded since the attack. The Port of Lisbon is the third largest port in the country and has been a pillar in the Portugal economy, bringing commerce and employment to people for hundreds of years.
The threat group has given 18 January as the deadline for the payment and has denoted that failing to provide the same could be detrimental to the Port of Lisbon. The stolen data will be published if the port fails to meet the Russian threat actor’s demands.
Port of Lisbon: A harbor of data
According to the post shared by the threat group, the stolen data consists of financial reports, company audits, budgets, contracts, cargo, ship logs, information about crew members, personal data of customers, and port documentation, among other crucial data about Port of Lisbon.
The sudden drop in website uptime hints that some critical infrastructure could have been compromised. The company says that “all security protocols and response measures planned for this type of occurrence were quickly activated,” reported the Portuguese daily national newspaper, Público.
However, LockBit seems to have put the port authorities on a spot by given them bargaining alternatives to protect the data. For $1,000, the authorities can postpone publishing the data for 24 hours, and for $1,499,999, the stolen data can be destroyed or will be available to download at any moment, said the ransom note.
The security protocols have started mitigating the attack, and the National Cybersecurity Center and the Judiciary Police are monitoring the situation, said the report. The Administration of the Port of Lisbon (APL) is also involved with competent authorities to minimize the damage and protect the systems, security, and the associated data with the port.
Port of Lisbon: Critical infrastructure at bay
The Port of Lisbon is the largest and busiest port in Portugal and a central transportation hub. It receives more than 3,500 vessels annually and handles 13.2 million tonnes of cargo and 555,000 TEU (twenty-foot equivalent units).
It is divided into two main areas: commercial and leisure ports. The commercial port is responsible for handling a variety of cargo, including container ships, bulk carriers, and roll-on/roll-off (RoRo) vessels.
This port is vital to the economy of the city of Lisbon, serving its manufacturing, industrial, and tourism sectors. In addition to its commercial function, Lisbon port is also a popular tourist destination, attracting recreational boaters and yachts.
Over the years, the port has implemented various advanced technologies to improve efficiency, reduce environmental impacts, and enhance safety and security. These technologies are interconnected with electronics and computers, and a cyber-attack on any of these technologies and machinery can severely damage the city and its people.