One of the busiest seaports in Europe, the Port of Lisbon, was the victim of a ransomware attack (opens in a new window) that took some of its digital systems offline.
"All the security protocols and response measures provided for this type of event were quickly activated, the situation being monitored by the National Cybersecurity Center and the Judicial Police," the Lisbon Port Administration (APL) told the media. locals earlier this week. he has told me.
The mishap did not affect port operations, but it disconnected its official site, portodelisboa.pt.
LockBit accepts responsibility
"The administration of the Port of Lisbon works continuously and closely with each and every one of the efficient entities to ensure the security of the respective systems and data," the press release concludes.
Although the company does not explicitly state that it was targeted by ransomware, ransomware operator LockBit added APL to its leak site, taking responsibility for the attack.
The database it publishes there would contain financial reports, audits, budgets, contracts, cargo information, logs, crew details, PII (Personally Identifiable Information) about service customers, port documents, e-mail correspondence, etc. .
In exchange for the decryptor, APL must pay €1,500,000. If these demands are not met by January 1,000, XNUMX, the ransomware operators will spread the database online. The organization can delay the escape for one day by paying €XNUMX.
The port of Lisbon is not only part of the critical infrastructure of the city and the country, but also of the critical infrastructure of Europe. It is one of the most accessible ports in Europe, where overseas container ships, cruise ships and pleasure boats dock first.
LockBit recently banned an affiliate from their program, for targeting a children's health center in Canada, giving out a free decryptor as an excuse.
Via: BleepingComputer (opens in a new tab)