The Port of Lisbon in Portugal still remains offline since it was hit by a ransomware news attack on the Christmas Day. Their website is currently unavailable to visitors. The Port of Lisbon is the third largest port in the country and has been a pillar in the Portugal economy, bringing commerce and employment to people for hundreds of years.
According to BetterCyber tweet, an unidentified threat group launched a ransomware attack on the Port of Lisbon and took down their website. The website is still unavailable to visitors at the time of writing and shows a “The connection was reset” message.
None of the ransomware groups have claimed the breach yet. Generally, it would take about 2-4 weeks for them to announce if the negotiations fail,” said a dark web researcher commissioned by The Cyber Express to track possible leads on the attack.
The Port of Lisbon, the 3rd largest port in Portugal 🇵🇹, suffered a #ransomware attack on December 25. Their website is currently unreachable…
Source 👉 https://t.co/HjNjQNU1tU via @Publico pic.twitter.com/uLUo0PgeCj
— BetterCyber (@_bettercyber_) December 26, 2022
Port of Lisbon: Critical infrastructure
The Port of Lisbon is the largest port in Portugal and a central transportation hub. It is divided into two main areas: commercial and leisure ports. The commercial port is responsible for handling a variety of cargo, including container ships, bulk carriers, and roll-on/roll-off (RoRo) vessels. On the other hand, recreational boats and yachts primarily use the leisure port.
Over the years, the port has implemented various advanced technologies to improve efficiency, reduce environmental impacts, and enhance safety and security. These technologies are interconnected with electronics and computers, and a cyberattack on any of these technologies and machinery can result in severe damage to the city and its people.
It is still unclear what data was compromised and who is the attacker behind the ransomware, but seeing the drop in website uptime hints that some critical infrastructure could have been compromised. The company says that “all security protocols and response measures planned for this type of occurrence were quickly activated,” reported the Portuguese daily national newspaper, Público.
The security protocols have started mitigating the attack, and the National Cybersecurity Center and the Judiciary Police are monitoring the situation, said the report. The Administration of the Port of Lisbon (APL) is also involved with competent authorities to minimize the damage and protect the systems, security, and the associated data with the port.