The LockBit ransomware gang has claimed responsibility for a hack that occurred on Christmas day against the Port of Lisbon Administration (APL), the third-largest port in Portugal.
Although the incident had no impact on the port’s operations, the port’s administration said it was collaborating with law enforcement to recover the material that had been exfiltrated.
The Cyberattack Gang Says It Compromised All Of The Port’s Data
According to Bleeping Computer, being one of the most accessible ports in Europe, the Port of Lisbon is an essential component of the city’s key infrastructure in the capital of Portugal.
Because of its importance to the Eurasian port system, the Port of Lisbon leaves itself vulnerable to cyberattacks from which hackers can gain and exploit valuable information.
On Thursday, the LockBit ransomware group said that it had attacked the port and claimed to have stolen financial data, audits, budgets, contracts, ship logs, and other details regarding cargo and crews.
Despite the attack, the Port of Lisbon officials reported that the cyberattack did not affect its operational activity.
However, it ensures the public that the incident has already been relayed to the National Cybersecurity Center and the Judiciary Police.
“All security protocols and response measures planned for this type of occurrence were quickly activated,” port officials claim in a statement.
Additionally, the APL says that it will be working permanently with authorities to make sure that the systems and data in it will remain secure, The Record writes.
The group gave law enforcement until January 18 to respond and requested $1.5 million in exchange for the data’s download or destruction.
Furthermore, if the Port of Lisbon didn’t reply by the deadline, the ransomware group threatened to reveal the stolen data.
Aside from this, it is important to note that LockBit will sell the data for the same price to anyone who wants rapid access to them.
The Port of Lisbon Attack Follows Other Notable Cyberattacks
Being active since late 2019, the notorious ransomware group LockBit is frequently seen as a strict competition against Conti to become the most well-known digital extortion gang in the globe.
The notorious RaaS (ransomware as a service) operation is also powered by the LockBit gang’s third iteration of its encryptor, making them one of the most active groups this year.
The incident is the most recent in a string of hacks that have seriously disrupted ports throughout Europe, according to The Record.
This week, speculations surfaced in Japanese media that the Japan Police’s cybercrime unit had provided free system restoration assistance to at least three domestic businesses affected by LockBit 3.0 attacks.
Continental, the international automaker that the ransomware group named on its Tor website in November 2022, was the target of another recent attack by LockBit as well.
Because of this, European prosecutors and cybersecurity experts also started looking into a ransomware attack that affected several important oil port terminals in February.
Ports, according to a number of cybersecurity experts, are prime targets for nation-states and cybercriminals looking to cause chaos and disaster.
This is due to the fact that ports and maritime operations have a large worldwide footprint, frequent communication, and an amplified impact of loss, making a cyberattack an important issue.