Port of Lisbon website still down from LockBit ransomware gang

The website for the Port of Lisbon is still down since the Administration of the Port of Lisbon (APL) announced the cyberattack on Christmas. That’s over a week of downtime for the website at the time of this publication.

The Port of Lisbon is Portugal’s busiest and one of the most used across all of Europe. It is considered a strategic location between Europe and Africa.

The APL confirmed the ransomware attack on December 25 to the newspaper Publico.

The ransomware attack did not compromise operations at the Port, and the National Cybersecurity Center and Judiciary Police were notified of the incident, per Publico.

“The Administration of the Port of Lisbon (APL) is working permanently and closely with all the competent authorities, in order to guarantee the security of the systems and respective data,” the APL stated.

LockBit confirmed responsibility for the ransomware attack on December 29. They claim to have stolen “financial reports, audits, budgets, contracts, ship logs” and other data about cargo and crews, per The Record.

Just in case you thought the LockBit ransomware operation had ethics after providing a free decryptor to the SickKids hospital, think again.

Cyberattacks on Ports are a top concern

This is not the first cyberattack on a European port. In February 2022, a ransomware attack affected several major oil port terminals across Belgium and The Netherlands.

Cyberattacks on ports in the United States are a top concern for US Department of Homeland Security Alejandro Mayorkas.

Attacks on Ports can have similar cascading effects such as attacks on energy infrastructure, according to Chris Grove of Nozomi Networks.

“Any disruption to the flow [of imported-by-sea coal and oil for power generation], ranging from a naval blockade to a cyberattack, could be crippling for any nation,” Grove stated to The Record.

Aging infrastructure and the brittle nature of operational technology networks equals an environment ripe for cyberattacks and disruption.

While this attack seems to be limited (at least publicly acknowledged) to just the Port of Lisbon’s website, it should serve as a wake-up to other ports across the globe to step up cyber defenses.


Discover more from Cybersecurity Careers Blog

Subscribe to get the latest posts sent to your email.